The Facebook Photo Exposure and What You Can Do About It

Facebook Photo Leak. What happened and what you can do about it.

A few days ago Facebook let the world know that there was a flaw in the way that apps accessed photos. This flaw allowed developers of the Facebook apps to access the photos of 6.8 million users.  Facebook apps are one of the biggest security risks to Facebook users.  Cambridge Analytica came to light back in the summer when they asked users to take a survey and install an app on their profiles. This app gave the company access to lots of data that people have posted on their Facebook profiles.

When you install an app, you give that app permissions to data that you post on Facebook.  One thing you have to remember is that Facebook is not the developer of many of these apps.  So you are in essence giving someone other than Facebook to access your photos and posts.  Facebook is notifying people if their photos were leaked as a part of this issue. If yours were leaked, you’ll get a notification in the Facebook app the next time you log in. Facebook says that they are working with the app developers to scrub the exposed photos.

How Do You Stop Apps?

There is something you can do about this though. I recommend that everyone look at the apps that are installed. You can see all the apps and the individual permissions that those apps have. Make sure that you are alright with giving that third party access to your data. You can either delete the app or deny permissions to the app.

Facebook permissions page example for Pinterest

The image above is an app I had installed. You can see I’ve given this app permission to see my friends list, birthday, pages I like, and my email address. But this page gives me the ability to turn off those individual permissions. So if I don’t want Pinterest to see the pages I like, all I have to do is turn that permission off.

I will warn you in advance, turning off permissions like that could break the app. This means that it may not provide the service you want anymore. I would suggest looking at the apps and thinking about what service it provides you. If you don’t want or need that service anymore, delete the app.

We all give Facebook a lot of information about ourselves and we assume that they will protect that. We all need to do a better job of protecting ourselves online, but especially with regard to social media. It’s clear that the companies we do business with aren’t doing a great job of that. That’s why I’m working on a Facebook security workshop that I plan to launch in the next few weeks. If securing your Facebook account is something you want to learn how to do, sign up using the form below. I’ll send you an email to register for the free workshop.

[mc4wp_form id=”124″]

About the Author Kyle

Kyle Slosek is a security practitioner with 10 years of experience in enterprise Information Technology environments. Through out his career Kyle has performed everything from certification and accreditation to penetration testing and forensics. He holds a Bachelor of Science in Information Technology, a Master of Science in Information Assurance, as well as several industry certifications.