Facebook has admitted to a design flaw in Messenger Kids app that allowed young users on the platform to participate in group chats with adults, without their parents’ permission.

The acknowledgement comes weeks after US Democratic senators Edward Markey and Richard Blumenthal urged the social media giant to prioritize children’s privacy and safety online.

Meet with experts in finance, blockchain, and business

Don’t miss Hard Fork Summit in Amsterdam

Get tickets

“We are in regular contact with the FTC on many issues and products, including Messenger Kids,” Facebook Vice President Kevin Martin wrote in a response to the lawmakers, describing the flaw as a “technical error.”

Messenger Kids is billed as a safe haven for kids 13 and under, and a way for them to use the chat app without parental fears of exposing them to strangers. But the flaw meant they could circumvent the restrictions and talk to unauthorized contacts.

The privacy flaw is specifically a matter of concern because it comes under the purview of Children’s Online Privacy Protection Act (COPPA).

Privacy advocates are already up in arms against Messenger Kids, accusing Facebook of violating COPPA by collecting kids’ personal information “without obtaining verifiable parental consent or providing parents with clear and complete disclosures of Facebook‘s data practices.”

The error appears to have been introduced in October 2018, roughly 10 months after the app was launched. Facebook said it discovered the flaw two months ago on June 12, and fixed it the next day. It would go on to notify parents a month later, on July 15, but not before identifying the affected chat threads and disabling them.

But the senators aren’t convinced. “We are particularly disappointed that Facebook did not commit to undertaking a comprehensive review of Messenger Kids to identify additional bugs or privacy issues,” they said in response to Facebook’s letter.

The development also comes at an awkward time for Facebook which is looking to put its string of privacy issues behind as it executes a data security program following a $5 billion settlement with US Federal Trade Commission. At this stage, it’s unclear if the FTC plans to take the Big F to task for its latest infraction.

Read next: Huawei might launch the Mate 30 without Play Store and Google apps (Update: arriving September 19)