Facebook privacy bug 'affects 14 million users' Dave Lee

North America technology reporter Published duration 7 June 2018

image copyright Getty Images

A software bug meant millions of Facebook users may have unknowingly posted private information to the public, the company has warned.

The glitch set a user’s post to be shared to "everyone", even if a user had previously chosen a more restricted option, such as “friends of friends”.

“We’d like to apologise for this mistake,” said Erin Egan, Facebook’s head of privacy.

Users who may have been affected will be notified on the site’s newsfeed.

"We recently found a bug that automatically suggested posting publicly when some people were creating their Facebook posts,” Ms Egan said.

"We have fixed this issue and starting today we are letting everyone affected know and asking them to review any posts they made during that time.

"To be clear, this bug did not impact anything people had posted before - and they could still choose their audience just as they always have. We’d like to apologise for this mistake."

The glitch was active between 18 and 22 May, a spokeswoman added, but it took the site until 27 May to switch posts back to private - or whatever the user had typically used before the bug became apparent.

image copyright Getty Images image caption Mark Zuckerberg is Facebook's chief executive

What did the bug do?

When users post to Facebook, there is a menu option that dictates who sees that post. If the user chooses public, anyone can view that post.

The other options limit the audience, with most users typically posting updates that reach their friends.

Facebook remembers what setting you last chose and automatically selects it the next time you make a post.

However, between 18 and 22 May this year, the bug would set posts to “public” even if the user had, in the previous post, chosen something more private.

If the user did not notice the setting had changed, they may have posted something publicly that was not intended for that wider audience.

Facebook said it estimates 14 million people did so - and so has started notifying users. In the meantime, it has reverted the audience for any affected posts to whatever setting the user had selected previously.

More mishaps

While relatively minor compared to recent issues facing the company, the glitch is another embarrassing slip-up for a firm already under heavy fire over privacy concerns.

This week, it has been answering questions about the nature of data-sharing deals with handset makers i ncluding Chinese manufacturers Huawei and ZTE

Those affected by this latest blunder will be shown a graphical notification soon, with the chance to review what posts may have been posted publicly by mistake.