Monday, January 13, 2025
HomeInternetFacebook Bug Leaks 14 Million Users New Private Posts in Public by...

Facebook Bug Leaks 14 Million Users New Private Posts in Public by Default

Published on

A New Facebook bug allows automatically suggested around 14 Million users new posts set in public by default from May 18 to May 22.

Facebook provides a privacy setting to set the users post in various categories such as “Public” (anyone), “Friends”, or “Friends and Connections”.

Due to this Facebook’s internal Error, the post could be read by anyone can see regardless of default setting which already set by users.

For Example, when the users set their privacy setting as “Private” then they will share their post which should remain private.

But the post could be read by anyone and it doesn’t care about the user’s Default privacy setting due to this Bug.

According to CNN, Facebook posts typically default to the last “audience” a post was shared with, such as family members, friends, or friends except for their boss. That default was changed to the public for the 14 million users, but if affected users noticed, they could have manually switched the setting themselves.

This Error Occurred when Facebook tried to implement the new futures on the user’s profile, like a photo.

Since the future items are public, the suggested audience for all new posts –0 not just these items – was set to public.

Also, Facebook cleared that this bug did not impact anything people had posted before, and they could still choose their audience just as they always have.

Facebook bug has been fixed and they changed the audience back to what they’d been using before for all the affected users.

We’ve heard loud and clear that we need to be more transparent about how we build our products and how those products use your data – including when things go wrong. And that is what we are doing here. Facebook said.

Also Read:

Beware !! Chrome Spyware Extensions Stealing Facebook Data, Location and Millions of Users Browser History

3 Million Facebook Users Highly Sensitive Data Leaked by Personality App, called myPersonality in Last 4 Years

Facebook’s New Tool to Detect and Alert Website Owners About Phishing Attacks

100,000 Users Infected With the Password Stealing Malicious Chrome Extension Distributed Through Facebook

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection

Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass...

CISA Released A Free Guide to Enhance OT Product Security

To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security...

Microsoft Warns of MFA Issue Affecting Microsoft 365 users

Microsoft has issued a warning regarding an ongoing issue with Multi-Factor Authentication (MFA) that...

RedCurl APT Deploys Malware via Windows Scheduled Tasks Exploitation

Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Is this Website Safe: How to Check Website Safety – 2025

is this website safe? In this digital world, Check a website is safe is...

LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome...

North Korean Hackers Stolen $2.2 Billion From Crypto Platforms In 2024

Cryptocurrency hacking incidents in 2024 surged 21.07% YoY to $2.2 billion, with 303 breaches...