14m users affected by Facebook privacy bug that makes posts public

A software bug means that up to 14m Facebook users may have unknowingly posted private information to the public, the firm has warned. A glitch that was active between 18 and 22 May set posts to be shared with “everyone”, even if users had previously chosen a more restricted option as their default.

Users who may have been affected will be notified through the sites newsfeed, and told which posts were shared in error. While the glitch was only active between 18 and 22 May, it took until 27 May for Facebook to restore all posts to their default privacy setting.

“This bug occurred as we were building a new way to share featured items on your profile, like a photo,” said Erin Egan, chief privacy officer at Facebook. “Since these featured items are public, the suggested audience for all new posts – not just these items – was set to public. Out of an abundance of caution we are letting anyone affected know today and asking them to review Facebook posts they made during that time.

“Weve heard loud and clear that we need to be more transparent about how we build our products and how those products use your data – including when things go wrong. And that is what we are doing here.”

This isnt Facebooks only privacy-related mistake this week – on Monday, it was revealed that the social network had signed data-sharing agreements with over 60 manufacturers including Apple and Samsung over the past 10 years. Many of these agreements are still in place, despite Facebooks assurances that it no longer gives developers access to personal information.

Jonathan Mayer, a professor of computer science and public affairs at Princeton University, said on Twitter that this latest bug “looks like a viable Federal Trade Commission/state attorney general deception case” as Facebook had promised that the most recent privacy preferences set up by users would be maintained for future posts.