It looks like Meta will end 2024 with some huge expenses. This is due to a security breach involving Meta-owned Facebook, which the company disclosed back in September 2018, which ultimately resulted in the company being fined a whopping $263M.
Massive fine
The $263 million fine was issued by Ireland’s Data Protection Commission (DPC). It basically enforces the EU’s General Data Protection Regulation (GDPR). Will Meta pay the fine? It seems that the company is trying not to. According to Meta, there are plans to appeal the decision.
In a statement, the company says that it took “immediate action to fix the problem”. The company also say that it had “proactively informed people impacted”. Based on the ruling, it seems that Ireland’s DPC doesn’t think it was enough.
The security breach took place back in 2018. It appears that the breach took place through the exploitation of bugs in Facebook’s code. This allowed the hackers to steal access tokens, which in turn allowed them to log on as the account holders. This affected approximately 29 million Facebook accounts worldwide, with 3 million accounts based in the EU.
As there were users in the EU that were affected, it meant that the DPC could get involved.
The breach contained a lot of personal user information. This included the full names of users, their email addresses, phone numbers, locations, places of work, birth dates, religion, and more. Granted, this might be information that a user would have publicly shared on their Facebook profile, but the point is that users should have control and consent over who gets to see their information.
Not Meta’s first rodeo
Interestingly enough, although not entirely unsurprising, is that this wouldn’t be the first time Meta has been hit with fines over privacy-related issues. The company has been slapped with a $15 million fine over the gathering and distribution of sensitive user data without proper consent.
The company was also given a massive $102 million fine for storing passwords in plaintext. Yes, you read that right. A company as huge as Meta somehow did not have the better sense to encrypt its passwords, instead choosing to store it in plaintext where even a 5-year-old could read them.
Let’s not forget the massive controversy surrounding Facebook and Cambridge Analytica. This resulted in possibly the largest damages Meta/Facebook had to pay to date to the tune of $725 million. Somehow it seems unlikely that this will be the last time Meta will be facing these types of fines.
