Meta, the company behind Facebook, has been fined €251 million ($263 million) by Ireland’s Data Protection Commission (DPC). This is due to a 2018 data breach that exposed the personal information of 29 million Facebook users worldwide, including 3 million in the European Union.
The breach happened when hackers exploited Facebook’s “View As” feature, which lets users see how their profile looks to others. A bug in this feature allowed attackers to steal digital keys, called access tokens, giving them control of user accounts. Hackers accessed sensitive information like names, contact details, locations, and more.
The DPC said Meta violated the EU’s strict General Data Protection Regulation (GDPR) by not doing enough to protect user data and failing to provide complete details about the breach. The regulator highlighted the serious risks this kind of exposure creates for users.
Meta quickly fixed the issue after it was discovered in 2018 and notified affected users, but this incident is another in a series of fines the company has faced in the EU. Earlier in 2023, Meta was fined €1.2 billion for transferring EU user data to the U.S.
While Meta plans to appeal the decision, this fine shows the EU is serious about holding big tech companies accountable for protecting users’ data.
Privacy matters, and the EU’s actions send a clear message to companies operating in the region.
Leave a Reply