Wired:

Friday Morning, Facebook disclosed the latest in the ongoing series of privacy and security lapses that have come to define the company in 2018. For nearly two weeks in September, a bug let third-party developers view the photos of up to 6.8 million Facebook users, whether they’d shared them or not.

Here’s the source link on all of that.

The real fun of it all? Here, I’ll let Wired break that down…

Europe’s General Data Protection Regulation, which went into effect earlier this year, gives companies 72 hours to notify the authorities of a breach. It’s been well over 72 days since Facebook first spotted the Photos API issue.

Good luck with that one, Zuckerberg! Someone’s got a fine coming.