Meta, the parent company of Facebook, has been fined €251 million ($263.5 million) by Ireland’s Data Protection Commission (DPC) for a significant security breach that exposed the personal data of millions of users. The fine, announced on Tuesday, is related to a 2018 breach that affected 29 million Facebook accounts globally.
According to Reuters, the breach was caused by a vulnerability in Facebook’s code, specifically targeting the “View As” feature. This feature allows users to see how their profile appears to others. The cyberattack, which exploited this flaw, resulted in unauthorized access to a wide range of personal information, including names, contact details, locations, dates of birth, gender, religious beliefs, workplace information, and even data about users’ children.
In a statement, DPC Deputy Commissioner Graham Doyle described the breach as a serious security risk, stating, “By allowing unauthorized exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data.”
While Meta quickly addressed the vulnerability and resolved the breach after it was discovered, the impact of the attack was far-reaching. Out of the 29 million affected accounts, approximately 3 million were located within the European Union and European Economic Area.
Related: Court Reinstates Phhhoto’s Antitrust Case Against Meta, Accusing Algorithm Manipulation
The DPC, which serves as the lead regulator for many of the top U.S. tech companies operating in Europe, has levied substantial fines on Meta under the EU’s General Data Protection Regulation (GDPR) since its implementation in 2018. This latest fine brings the total penalties against Meta to nearly €3 billion. Notably, the company is currently appealing a record €1.2 billion fine imposed in 2023.
Meta has expressed its intention to appeal the latest penalty, asserting that it has implemented a range of measures to enhance user privacy and security across its platforms. The social media giant continues to face scrutiny as the DPC and other regulators closely monitor compliance with GDPR standards.
Source: Reuters
Featured News
EU Regulator Fines Meta €251 Million Over 2018 Facebook Data Breach
Dec 17, 2024 by
CPI
US Antitrust Chief Jonathan Kanter to Step Down After Pivotal Three-Year Tenure
Dec 17, 2024 by
CPI
Sandoz Settles Price-Fixing Allegations with $275 Million Agreement
Dec 17, 2024 by
CPI
South Korea Fines Kakao Mobility $10.5 Million for Antitrust Violations
Dec 17, 2024 by
CPI
Carlsberg’s $4.23 Billion Britvic Acquisition Gets Final UK Approval
Dec 17, 2024 by
CPI
Antitrust Mix by CPI
Remedies After Illumina/GRAIL– The Thorny Question of Proportionality
Dec 17, 2024 by
CPI
Why Was Illumina/GRAIL Blocked in the EU? Reviewing The European Commission’s Assessment of Vertical Mergers in Light of the 2022 Prohibition Decision
Dec 17, 2024 by
CPI
The Role of Uncertainty in the Future European Horizontal Merger Guidelines: Lessons Learned From Illumina/GRAIL
Dec 17, 2024 by
CPI
Illumina’s Light on Article 22 EUMR: The Suspended Step and Uncertain Future of EU Merger Control Over Below-Threshold “Killer” Mergers
Dec 17, 2024 by
CPI
EU-Level Jurisdiction Over “Killer Acquisitions” in the Aftermath of Illumina/GRAIL
Dec 17, 2024 by
CPI