Meta Hit With €251M EU Fine Over 2018 Facebook Data Breach

EU Privacy Regulators Penalize Meta €251M for Data Breach Failures

Author's Avatar
Dec 17, 2024
Summary
  • Ireland’s Data Protection Commission penalized Meta after hackers exploited code bugs, compromising 29 million user accounts
Article's Main Image

European Union privacy regulators fined Meta Platforms (META, Financial), €251 million ($276 million) as part of a 2018 data breach that exposed millions of user's accounts. The penalties were announced after the Data Protection Commission (DPC) in Ireland concluded its investigation into the attack, in which hackers exploited bugs to steal so-called digital 'access tokens' and gain unauthorized access to the accounts.

The Irish DPC, which is subject to the EU's General Data Protection Regulation (GDPR), is Meta's regional privacy cop, with its headquarters in Dublin. It has found multiple GDPR rule violations and has issued reprimands and administrative fines.

The breach, first disclosed by Facebook in 2018, was affecting 50 million accounts. But the DPC said that was actually just 29 million accounts, with 3 million in Europe.

In an appeal, Meta said it took immediate action to quash the issue when it discovered it. It informed regulators in Europe and the United States, including the FBI, and users affected by the incident.

The decision adds yet more regulatory woes to Meta, which must navigate more strict privacy rules in Europe.

Disclosures

I/we have no positions in any stocks mentioned, and have no plans to buy any new positions in the stocks mentioned within the next 72 hours. Click for the complete disclosure