WARNING: Facebook Users' Private Photos Exposed

The tool that allows Facebook users to report inappropriate photos is backfiring in a big way, instead allowing users to see other users' photos that are marked as private.

The tool that allows Facebook users to report inappropriate photos is backfiring in a big way, allowing users to see other users’ photos that are marked as private.

ZDNet’s Between the Lines blog reported that users who click on “Report This Photo” and choose “Nudity or pornography” from the pop-up menu are then offered the opportunity to “help” Facebook by adding additional photos to their report.

Upon selecting that option, users gain access to additional photos, including those that were marked private by the users who posted them.

The ZDNet blog cited a forum on BodyBuilding.com, since deleted, for being the first to report the issue, saying that users on that forum were able to exploit it to access the private photos of Facebook founder and CEO Mark Zuckerberg, posting a picture of him and President Barack Obama at a dinner party (see below, via Between the Lines).

Users of the forum also reported that the private photos could be viewed at their full size.

A Facebook spokesperson addressed the issue Tuesday afternoon, saying:

Earlier today, we discovered a bug in one of our reporting flows that allows people to report multiple instances of inappropriate content simultaneously. The bug allowed anyone to view a limited number of another user’s most recently uploaded photos, irrespective of the privacy settings for these photos. This was the result of one of our recent code pushes, and it was live for a limited period of time. Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed.

The privacy of our users’ data is a top priority for us, and we invest significant resources in protecting our site and the people who use it. We hire the most qualified and highly skilled engineers and security professionals at Facebook, and with the recent launch of our Security Bug Bounty Program, we continue to work with the industry to identify and resolve legitimate threats to help us keep the site safe and secure for everyone.

Readers: Does this issue make you want to delete photos from your Facebook profile?

Recommended articles