Facebook has announced it accidentally exposed the private photos of millions of users without their permission.
The company says a bug allowed third-party app developers to access photos people may not have shared publicly.
It is believed that as many as 6.8 million users could be affected for 12 days in September. About 1500 apps were wrongly given access, from nearly 900 different developers.
"When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline," the company said on its blog.
"In this case, the bug potentially gave developers access to other photos."
- 63,714 Kiwis' data exposed in Cambridge Analytica privacy scandal
- Facebook keeps every video you film, even if you never publish it - report
Those whose images may have been wrongly accessed will be contacted by the site, which has more than 2 billion users.
"We're sorry this happened. Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug.
"We will be working with those developers to delete the photos from impacted users."
The bug also affected photos people uploaded to Facebook, but didn't actually post. Facebook says it only keeps those in its system for three days before they are deleted.
Facebook offers rewards to developers who find bugs in its code.
Newshub.
