Apple has temporarily disabled its new Group FaceTime feature after a major privacy bug was discovered, exposing a recipient's audio and video without them answering an incoming call.

The bug was first tweeted about on January 21, when a mother raised the issue with Apple boss Tim Cook via Twitter, saying her teenage son had discovered the FaceTime flaw.

Bitdefender Box 2 - Connected Home Cybersecurity Hub - Plug into Your Personal Router

List Price: $199.99

New From: $179.99in Stock

It was then reported by 9to5Mac on January 28, and was found to share the recipient's audio with the caller before they had decided to accept or reject the call.

The bug is specifically a problem with Group FaceTime, the feature only recently launched by Apple (after a delay) where many iOS and Mac users can join an audio or video call at once.

The bug worked like this:

• Call a contact using FaceTime
• As soon as it starts ringing, go to add another contact to the call
• Pick yourself as the additional contact
• You can now hear the audio of the recipient, even if they haven't answered yet

What's more, it was later found that if the recipient pressed the home button (or swiped up to go to their home screen) while being called, the video feed from their device's front-facing camera would automatically be sent to the caller. The recipient remained unaware of all of this, instead only seeing the normal accept/decline screen, without hearing or seeing the caller.

It was also found that the recipient's video would be sent to the caller if they pressed either of their device's volume buttons too.

This is deeply embarrassing for Apple, which caused a stir at the CES technology show in Las Vegas earlier this month. As a dig against the patchy security of its rivals, Apple put up a huge billboard right outside the convention center, reading: "What happens on your iPhone, stays on your iPhone."

Norton Core Secure WiFi Router, 4x4 AC2600 (up to 3000 sq.ft), Protect all your Network and IoT Devices, Parental Controls, Works w/Amazon Alexa, Free one-year of Norton Security included

List Price: $199.99

New From: $99.99in Stock

Used From: $109.99in Stock

The FaceTime bug quickly went viral after a video of it was posted to Twitter on January 28 by Beni Mobb, an artist in Chicago. Evidence of the bug then went viral across Twitter and Snapchat.

However, it looks as if the bug was first tweeted about on January 21. A Twitter user called MGT7 said their teenage son had "found a major security flaw...he can listen in to your iPhone/iPad without your approval."

The woman says she submitted a bug report to Apple and filed "letters, emails, tweets and messages" to Apple but "never heard back from them."

She tweeted to Apple CEO Tim Cook on January 21: "This is real...trying to get Apple's attention to get this addressed. I'm just a mom of a teenager who found a huge security problem in your new update."

Dojo Smart internet security and privacy solution for your Wi-Fi network - Safe from hacks, cyberattacks and privacy breaches, 1 year subscription included

List Price: $99.99

New From: $84.00in Stock

Used From: $99.99in Stock

Naturally, it doesn't take much imagination to realize the harm such a bug could have. Anything the recipient says before answering or rejecting the call, perhaps to a coworker or anyone else, would be heard by the caller.

Apple said it was "aware of this issue and we have identified a fix that will be release in a software update later this week."

As of Monday evening, Apple's system status page acknowledged the issue, described it as "ongoing" and said: "Group FaceTime is temporarily unavailable."

Cybersecurity experts were quick to comment on the flaw. Graham Cluley posted to his website: "Right now, it's hard to tell just how serious this crappy bug is. It doesn't feel like a way for - say - a state-sponsored attacker to open a persistent hot mic on a targeted phone in another nation's government.

"But I would still be deeply disturbed if someone was able to spy on me, even for a short while, without me noticing. It's easy [to see] how it might also be used by jealous partners and obsessive stalkers to spy on the vulnerable."

Rubbing salt into the wound, Monday the day Apple pulled Group FaceTime, was Data Privacy Day (known in Europe as Data Protection Day), a day intended to raise awareness and promote privacy and data protection best practices. It is observed in the US, Canada, Israel and much of Europe..

CUJO AI Smart Internet Security Firewall | Free Subscription (2nd Gen.) - Protects Your Network from Viruses and Hacking/Parental Controls/for Home & Business/Plug Into Your Router

List Price: $176.99

New From: $176.99in Stock

Used From: $119.50in Stock