NEW YORK (AP) — Facebook says a software bug may have exposed a broader set of photos to app developers than users had granted permission for.

The company said Friday that the bug affected 6.8 million people who used Facebook to log in to other services and granted permission for third-party apps to access the photos for 12 days in September. The bug has been fixed.

Generally when people give apps access to their photos, this only means photos posted on their Facebook page.

Facebook says the bug potentially gave developers access to other photos, such as those shared on Marketplace or on Facebook Stories. The bug also affected photos that people uploaded to Facebook but chose not to post or could not post for technical reasons.

According to cyber experts, the chance of the photos showing up somewhere else, is unlikely. "There is the potential for that, but I would think it's fairly limited in this case, because of how this exposure happened and how quick they caught on to it," said Geoff Gardiner, Owner/President of Rescue Dog Technology.