Facebook is having to douse yet another privacy blaze – as the social network admitted to inadvertently setting some of its addicts' private posts to public, meaning anyone could read them.
The web goliath said that about 14 million people were affected by a bug that, for a nine-day span between May 18 and 27, caused profile posts to be set as public by default, allowing any Tom, Dick or Harriet to view the material.
"We recently found a bug that automatically suggested posting publicly when some people were creating their Facebook posts. We have fixed this issue and starting today we are letting everyone affected know and asking them to review any posts they made during that time," Facebook chief privacy officer Erin Egan said in a statement to The Register.
"To be clear, this bug did not impact anything people had posted before – and they could still choose their audience just as they always have. We’d like to apologize for this mistake."
The cockup is thought to have stemmed from new features Facebook was testing to allow users to share "featured" items on their profile that are set to "public" viewability. Unfortunately, the feature caused all new posts, not just the featured items, to be made "public."
Facebook said it will notify all users who may have been hit by the programming error.
Facebook's new data centre cooling system takes the heat like Zuck in front of CongressREAD MORE
The blunder is yet another embarrassing gaffe for Facebook at a time when the biz can hardly afford to cast further doubt on its ability to secure the personal details of its users.
Less than three months ago, Facebook was sent scrambling to manage the crisis that erupted after it was found that researchers with Cambridge Analytica were able to scrape the profile information of tens of millions of Facebook profiles via fake apps.
It was later revealed that the research group was far from alone with its shady dealings, and some 200 apps would be suspended for violating Facebook's terms of service.
"We didn’t take a broad enough view of our responsibility, and that was a big mistake," CEO Mark Zuckerberg would tell US Congress.
"It was my mistake, and I’m sorry." ®
Sponsored: Webcast: Ransomware has gone nuclear