Facebook on Thursday acknowledged that it accentally exposed the private posts of 14 million users over the span of a few days last month.
From May 18 through May 22, when Facebook was testing a new feature, any posts published by those 14 million users were automatically made public — even if the user’s privacy settings should have restricted who could see them. Facebook corrected the mistake, and by May 27, it changed back the affected posts. That means someone could have unwittingly shared a post publicly for as long as nine days.
Starting Thursday, Facebook is letting the affected users know and asking them to review any posts they made during that time.
“To be clear, this bug did not impact anything people had posted before – and they could still choose their audience just as they always have,” Chief Privacy Officer Erin Egan said in a statement. “We’d like to apologize for this mistake.”
The mistake occurred when Facebook was testing out “featured” posts, which lets users share certain posts publicly.
The mishap is just the latest incident to come to light in recent months showing how Facebook has mishandled its users’ data. The social media giant has come under scrutiny from users and government officials around the globe since acknowledging that information from tens of millions of users had been improperly shared with the shady analytics firm Cambridge Analytica.