Facebook says 100 software developers may have improperly accessed user data

Some developers retained access that was supposed to have been terminated last year.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Steven Musil
2 min read

Facebook said at least 11 software developers improperly accessed user data in the past 60 days through a channel that was supposed to be terminated last year.

Graphic by Pixabay/Illustration by CNET

As many as 100 software developers had improper access to Facebook users' data, including their names and profile pictures, the social networking giant revealed on Tuesday. The developers had access to Groups information through a privilege that was phased out last year, the social network said.

Facebook said it discovered that many developers still had access to data about users in groups, despite changes the company made in April 2018 to cut off this access, Facebook said in a blog post. Facebook said it knew of at least 11 developer partners that had accessed the data in the past 60 days and has contacted about 100 developers who may have had access to the data.

Facebook said it's removed the developers' access to the data.

"Although we've seen no evidence of abuse, we will ask them to delete any member data they may have retained and we will conduct audits to confirm that it has been deleted," Konstantinos Papamiltiadis, Facebook's director of developer platforms and programs, wrote in the blog.

The revelation underscores how data privacy issues continue to plague the world's largest social network. In March 2018, revelations surfaced that UK political consultancy Cambridge Analytica harvested the data of up to 87 million Facebook users without their permission.

The scandal raised concerns about whether the world's largest social network was doing enough to protect user data and sparked scrutiny from lawmakers and regulators. Facebook said in September it suspended tens of thousands of apps for various reasons as part of an investigation into developers who had access to user data it launched last year.

Facebook, which has about 2.4 billion users worldwide, couldn't provide information about how many users may have had their information exposed.