Meta Fined $101.5 Million by Irish Data Protection Commission for 2019 Security Breach

Meta to Remove More Content Targeting Zionists Misused to Refer to Jews and Israelis, Antitrust

Key Points

  • The Irish DPC fined Meta $101.5 million (€91 million) for storing user passwords in plain text.
  • The breach affected up to 600 million passwords, accessible internally by 20,000 employees but not external parties.
  • The DPC ruled Meta violated several GDPR, including delayed breach notification and inadequate security measures.
  • The company received a formal reprimand, with further details to be disclosed in the DPC’s final decision.

The Irish Data Protection Commission (DPC) has fined Meta $101.5 million (€91 million) following the conclusion of its investigation into a 2019 security breach in which millions of user passwords were stored in plain text. Meta first disclosed the breach in January 2019, but the company later updated its announcement to reveal that Instagram user passwords were also affected.

The breach reportedly involved as many as 600 million plain-text passwords stored on Meta’s servers. The issue had gone unnoticed since 2012, and these passwords were accessible by over 20,000 Meta employees, though the DPC clarified that external parties did not have access to the compromised data.

According to the DPC’s investigation, Meta violated several General Data Protection Regulation (GDPR) rules. Specifically, the company failed to promptly notify the regulator of the breach and did not properly document the incident. Additionally, Meta failed to implement appropriate technical measures to ensure the security of users’ passwords, which would have protected them against unauthorized access.

The DPC highlighted the gravity of storing passwords in plain text, especially considering the risks involved in compromising social media accounts. Graham Doyle, the DPC’s Deputy Commissioner, emphasized that this lapse in security practices was particularly serious because the passwords at risk could have allowed unauthorized access to users’ social media accounts.

In addition to the hefty fine, the DPC also issued Meta a formal reprimand. The full details of this reprimand will become clearer once the DPC publishes its final decision and related documents in the coming days.

While Meta has acknowledged the breach and taken steps to address the issue, the DPC’s ruling underscores the importance of safeguarding personal data in compliance with GDPR standards.

EDITORIAL TEAM
EDITORIAL TEAM
TechGolly editorial team led by Al Mahmud Al Mamun. He worked as an Editor-in-Chief at a world-leading professional research Magazine. Rasel Hossain and Enamul Kabir are supporting as Managing Editor. Our team is intercorporate with technologists, researchers, and technology writers. We have substantial knowledge and background in Information Technology (IT), Artificial Intelligence (AI), and Embedded Technology.

Read More

We are highly passionate and dedicated to delivering our readers the latest information and insights into technology innovation and trends. Our mission is to help understand industry professionals and enthusiasts about the complexities of technology and the latest advancements.

Visits Count

Last month: 86272
This month: 15410 🟢Running

Company

Contact Us

Follow Us

TECHNOLOGY ARTICLES

SERVICES

COMPANY

CONTACT US

FOLLOW US