Meta Hit with €251 Million Fine Over 2018 Facebook Data Breach
A massive data breach in 2018 exposed the personal information of over 50 million Facebook users, with around 3 million of those accounts in the European Union. Hackers exploited vulnerabilities in Facebook’s system, gaining access to user details such as full names, contact information, date of birth, religious affiliation, gender, and even the data of their children.
Following the breach, Meta Platforms Ireland Limited (MPIL), alongside its parent company in the US, worked to resolve the issue. However, the Irish Data Protection Commission (DPC) has now fined Meta Ireland a total of €251 million due to multiple failures related to the breach.
The fines were imposed for several reasons, including MPIL’s failure to provide complete and accurate information in its data breach notification, resulting in an €8 million fine. Meta also failed to properly document the breach details and its response, earning a €3 million fine. The company was found to have neglected to protect data privacy in the design of its systems, leading to a €130 million fine, and failed to ensure that only necessary data was processed, resulting in an additional €110 million penalty.
Given the significant financial penalty and implications for data protection, Facebook is likely to appeal the decision.