A security bug was was in Apple’s iOS which allows third-party developers access to iPhone, iPad, or iPod touch’s photo and video location data… as well as the actual photos and videos themselves.
According to The New York Times report, an application that has the permission to user’s location can also access their photos. They demonstrated this by creating a dummy app (not submitted to the App Store) that popped up a notification(like the one above) asking the user for location and when provided had complete access to the photos stored on the device.
It is unclear whether any apps in Apple’s App Store are illicitly copying user photos. Although Apple’s rules do not specifically forbid photo copying, Apple says it screens all apps submitted to the store, a process that should catch nefarious behavior on the part of developers. But copying address book data was against Apple’s rules, and the company approved many popular apps that collected that information.
Apple has yet to comment on this issue but it is believed that they are already working on a fix.
[Source]- The Verge