Meta (NASDAQ: META) has been fined $101.5 million (€91 million) by Ireland’s Data Protection Commission (DPC) for failing to secure hundreds of millions of Facebook users’ passwords during a 2019 data breach.
The DPC’s investigation, prompted by Meta’s self-reporting, revealed that these passwords were stored in plaintext on internal systems, violating the General Data Protection Regulation (GDPR). Despite Meta’s claims of no data misuse, the breach left sensitive user information vulnerable to potential internal access.
The fine comes after a multiyear inquiry by the DPC, which determined that Meta not only failed to implement appropriate encryption but also violated GDPR’s breach notification and documentation requirements.
Meta’s spokesperson responded by noting the company’s immediate action to rectify the issue while acknowledging the error in password management processes.
Why It Matters: The fine underscores the growing importance of data protection in the digital age, as major tech companies like Meta are repeatedly scrutinized for security lapses. GDPR continues to set a global benchmark for privacy standards, holding companies accountable for safeguarding user data and reinforcing the consequences of neglecting such responsibilities.
- Massive Fine Imposed: Ireland’s DPC issued a $101.5 million fine against Meta for storing Facebook passwords in plaintext during a 2019 breach.
- Violation of GDPR Standards: Meta’s actions breached several GDPR requirements, including failure to encrypt user passwords and report the breach within the mandated 72-hour window.
- Hundreds of Millions Affected: The breach exposed passwords of hundreds of millions of Facebook users, posing a significant risk to their personal data security.
- Meta’s Response: Meta acknowledged the error, claiming the issue was internally contained and no evidence suggested external abuse of the compromised passwords.
- Recurrent Issues: Meta has faced multiple GDPR fines, reflecting ongoing challenges with privacy compliance despite efforts to correct course.