Facebook said Friday a security glitch may have let third-party apps access the private photos of as many as 6.8 million users, the latest example of the social media company failing to protect people's online content.

The incident, which took place during a 12-day period in September, included images never fully uploaded to the platform and those not publicly posted, Facebook said. The company said it detected the bug and fixed it Sept. 25.

The security lapses come as Facebook works to repair the damage to its reputation from missteps that include the Cambridge Analytica data privacy scandal and failing to stop Russian use of the site to meddle in the 2016 U.S. presidential election. Hackers also accessed data belonging to tens of millions of users, the company revealed in September.

Facebook apologized for the incident in a post written by one of its engineering directors, Tomer Bar, who added the company was working to address the problem.

"Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug," he wrote. "We will be working with those developers to delete the photos from impacted users."