An Irish regulator enforcing EU data privacy laws has fined Meta, the parent company of Facebook, $101 million for severe Meta data breach fine violations concerning password security. The Data Protection Commission (DPC) criticized Meta for failing to implement adequate security measures to protect users’ password data and for its delayed notification of the issue to the regulatory body.
The investigation began in April 2019 after Meta Ireland reported to the DPC that it had “accidentally stored certain social media users’ passwords” in a readable format on its internal systems.
Graham Doyle, the DPC’s head of communications, emphasized the critical importance of safeguarding user passwords: “It’s a well-established principle that user passwords should never be stored in plaintext, given the potential risks of misuse if unauthorized persons gain access to the data.”
The breach, which occurred in January 2019, affected 36 million Facebook and Instagram users across the European Economic Area, including EU nations, Iceland, Liechtenstein, and Norway. The regulator further criticized Meta for failing to inform the DPC about the breach until March 2019.
In response, Meta acknowledged the error, stating that some Facebook users’ passwords were “temporarily stored in a readable format” within their internal systems. The company added, “We acted immediately to correct this error, and there is no evidence that these passwords were misused or improperly accessed. We voluntarily notified our lead regulator, the Irish Data Protection Commission, and have cooperated fully throughout the investigation.”
As many global tech giants, including Google, Apple, and Meta, have established their European headquarters in Dublin, Ireland’s data protection authority plays a crucial role in regulating these companies.
While the fine is relatively minor compared to Meta’s multi-billion-dollar revenue, it reflects a broader trend of penalties being imposed on major tech firms as regulators strive to rein in their influence on issues related to taxation, competition, and disinformation.
In parallel, Ireland has initiated an investigation into Google’s artificial intelligence developments. The European Commission recently achieved two significant legal victories, resulting in Apple and Google being ordered to pay billions of euros.
Also Read: Meta AI Assistants Now Feature Celebrity Voices
An EU court also overturned a €1.49 billion fine previously imposed on Google for abusing its dominance in online advertising. Additionally, tech firms continue to engage in legal battles, with Google lodging a complaint against Microsoft for alleged “anticompetitive” licensing practices aimed at promoting its cloud services.
