Facebook's "Midnight Delivery" feature was temporarily disabled today as developers worked to cover a loophole that allowed people to see the private messages of others users.

Facebook's latest privacy snafu comes with New Year's greetings. The social network's "Midnight Delivery" feature was temporarily disabled today as developers worked to fix a loophole that allowed crafty Internet hackers to see the private messages of others users.

Midnight Delivery was introduced this year and allows people to send friends a message as 2012 turns into 2013. The vulnerability was exposed by IT student Jack Jenkins, who found he could access others' messages and photos by modifying the URL of his own messages.

"It is you may say a pretty harmless flaw," Jenkins wrote in a blog post. The messages in question displayed his profile picture, instead of the actual sender's, next to the message. The names of the recipients, however, were visible.

"It shouldn't be possible to do this, as these are not generic and are people's personal images," Jenkins said after stumbling across a father-son message and photo.

The issue has since been fixed, but not before Jenkins alerted the media. A Facebook spokesman told The Verge last night that it was "working on a fix" for the privacy slip-up. In the meantime, Facebook disabled the app on the Facebook Stories site "to ensure that no messages can be accessed."

As of about 7 a.m. Eastern, the Midnight Delivery option was again accessible, according to The Next Web.

Facebook did not immediately respond to PCMag's request for comment.

Facebook privacy again made headlines last week after the sister of CEO Mark Zuckerberg that a photo she posted to the social network wound up on Twitter. Turns out, the photo was made more publicly available because it tagged other people - opening it up to their friends. The whole situation elicited chuckles from those who were amused by the fact that even Mark Zuckerberg's sister doesn't fully understand Facebook's privacy settings.