• by Wendy Davis  @wendyndavis, December 14, 2018

Facebook disclosed Friday that a software glitch allowed outside developers to access photos that users had uploaded to the service, but hadn't made public.

The glitch may have affected up to 6.8 million users who uploaded photos between September 13 and September 25 of this year, the company said.

“We're sorry this happened,” Facebook employee Tomer Bar wrote in a blog post. He said a software bug may have given developers access to photos that were shared on Marketplace or Facebook Stories, as well as photos people uploaded but never posted.

“If someone uploads a photo to Facebook but doesn't finish posting it -- maybe because they've lost reception or walked into a meeting -- we store a copy of that photo so the person has it when they come back to the app to complete their post,” he wrote.

Facebook said it plans to work with developers to delete the photos from users who were affected by the software bug. The company also says it will notify affected users.

It's not clear whether the news will trigger a new Federal Trade Commission investigation. Facebook is currently operating under a 2012 consent decree that prohibits the company from sharing information more broadly than its privacy policy allowed when users uploaded the data.

For Facebook, the revelation marks yet another in a series of privacy mishaps. In September, Facebook said hackers were able to obtain personal information of around 50 million users.

Earlier this year, it emerged that President Trump's data consultancy, Cambridge Analytica, harvested information from up to 87 million Facebook users. Cambridge Analytica, now defunct, received the information from researcher Aleksandr Kogan, who obtained it in 2014 through the personality-quiz app "thisisyourdigitallife." Only 270,000 Facebook users downloaded Kogan's app, but he was able to gather data about many of those users' contacts.