Meta Faces €251 Million Fine for Facebook Account Breach

Wednesday 18 December 2024 - 11:10

Meta, the parent company of Facebook, has been fined €251 million by an Irish regulatory authority for a significant data protection failure. This breach, which occurred in 2018, led to the hacking of approximately 29 million Facebook accounts globally, exposing sensitive user information such as email addresses, phone numbers, locations, and workplace details.

The Irish Data Protection Commission (DPC), responsible for monitoring compliance with European Union data privacy laws, identified a security flaw in Facebook's video upload feature as the source of the vulnerability. Hackers exploited this weakness, gaining unauthorized access to user profiles over a two-week period.

Graham Doyle, spokesperson for the DPC, emphasized the gravity of the situation, stating, “The absence of data protection measures throughout the design and development cycle can expose individuals to serious risks, including threats to their fundamental rights and freedoms.” He added that the vulnerabilities allowed unauthorized exposure of profile data, creating a high risk of misuse.

This incident is part of a broader crackdown on technology companies by global regulators. In recent years, Meta has faced multiple fines for similar violations. For instance, in September, the DPC imposed a €91 million penalty on the company for failing to adequately secure user passwords and delaying the notification of regulators about a breach.

The latest fine underscores the increasing scrutiny faced by tech giants to prioritize user data protection. It serves as a reminder that robust security measures are essential to safeguarding personal information in today’s digital landscape.