Skip to main content

Facebook security flaw exposes private photos

Photos of Mark Zuckerberg about to slay a chicken for food have been revealed

Facebook has moved quickly to lockdown a security flaw which briefly allowed users to see your private photo albums, just by reporting a public photo as containing nudity.

As a means of making his point, the hacker was able to exploit the flaw to access the private albums of Facebook CEO Mark Zuckerberg before posting them online.

Prior to the fix, it seems that reporting a photo as nudity or pornography would allow you to view other photos listed as private.

The idea was to enable the offended party to make the social network aware of further lewd pictures.

Just a bug, says Facebook

A Facebook spokesperson admitted the flaw to Gizmodo, attributing the security lapse to a bug in a recent code push.

The statement said: "Earlier today, we discovered a bug in one of our reporting flows that allows people to report multiple instances of inappropriate content simultaneously.

"The bug allowed anyone to view a limited number of another user's most recently uploaded photos irrespective of the privacy settings for these photos.

"This was the result of one of our recent code pushes and was live for a limited period of time. Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed."

This revelation was the last thing that Facebook needed following its reprimand from the FTC in the United States over a series of privacy violations.