Meta Fined Record €251M for 2018 Data Breach Affecting 3M EU Users
Meta, the parent company of Facebook and Instagram, has been fined a record €251 million by the Irish Data Protection Commission (DPC) for a 2018 data breach. The breach exposed sensitive user data, including passwords stored in plain text, affecting around three million EU-based accounts.
The breach, which Meta itself reported, violated several GDPR articles. It occurred due to inadequate security measures, delayed notification to the authority, and failure to follow data protection principles in system design. The exposed data included full names, email addresses, phone numbers, locations, places of work, dates of birth, religion, gender, posts, groups, and even children's personal data.
The DPC's draft decision, published without objections from other EU supervisory authorities, highlights Meta's failure to fully notify the breach, properly document it, and limit data processing to necessary purposes. This is the first major fine imposed under the GDPR, reflecting the seriousness of the breach and the need for stricter data protection measures.
The €251 million fine, equivalent to approximately $263 million, is a significant penalty for Meta. It serves as a stark reminder of the importance of robust data protection measures and timely breach notifications. The DPC's decision is a clear signal that companies must prioritise user data security and comply with GDPR regulations.
Read also:
- Efficacy Worldwide Bolsters Leadership Team with Key Appointments
- Bank of America reveals investigation into Zelle platform, hints at potential legal action
- Ledger Unveils Flex Solana Edition: Secure, Custom Crypto Wallet
- Laura Marie Geissler's Financial Profile and Professional Journey: An In-depth Analysis of Her Financial Status and Career Path
