This week, three percent of the apps using Facebook Analytics had their weekly summary reports of sensitive information sent to their app’s testers instead of the app’s developers, admins, and analysts.
Unsurprisingly, Facebook has made yet another massive mistake with data, one of several in recent months. An app developer recently contacted TechCrunch to inform them that their weekly app summary had been emailed to one of their external testers rather than their development team. These summaries include sensitive information for developers such as the weekly average users of the app, the number of page views, and new users on the platform. All of these things can affect the popularity of an app and it’s ability to gain investors. Facebook has now allegedly leaked this information to public testers of 3 percent of the apps on their platform.
Testers for apps are often people outside of the developer’s company. Developers give their apps to outsiders to test in order to gain an insight into how actual users would interact with the app. Many testers received the weekly app summary updates of the apps they were testing in a move that could potentially jeopardize the success of multiple apps. Facebook now claims to have fixed the issue and stated that no personally identifiable info or contact details were disclosed in the weekly app summaries but it could lead to negative repercussions for developers, who Facebook plan to inform about the error later today.
A Facebook spokesperson told TechCrunch:
“Due to an error in our email delivery system, weekly business performance summaries we send to developers about their account were also sent to a small group of those developer’s app testers. No personal information about people on Facebook was shared. We’re sorry for the error and have updated our system to prevent it from happening again.”
This is the email that Facebook is sending to developers affected by the error:
Subject line: We recently resolved an error with your weekly summary email
We wanted to let you know about a recent error where a summary e-mail from Facebook Analytics about your app was sent to testers of your app ‘[APP NAME WILL BE DYNAMICALLY INSERTED HERE]’. As you know, we send weekly summary emails to keep you up to date with some of your top-level metrics — these emails go to people you’ve identified as Admins, Analysts and Developers. You can also add Testers to your account, people designated by you to help test your apps when they’re in development.
We mistakenly sent the last weekly email summary to your Testers, in addition to the usual group of Admins, Analysts and Developers who get updates. Testers were only able to see the high-level summary information in the email, and were not able to access any other account information; if they clicked “View Dashboard” they did not have access to any of your Facebook Analytics information.
We apologize for the error and have made updates to prevent this from happening again.
One developer told TechCrunch: “Not sure why it would ever be appropriate to send business metrics to an app user. When I created my app (in beta) I added dozens of people as testers as it only meant they could login to the app…not access info!”