Get all your news in one place.
100’s of premium titles.
One app.
Start reading
The Independent UK
The Independent UK
Business
Rebecca Black

Meta fined more than 250 million euro by Irish data commission following breach

The data breach affected around 29 million Facebook users worldwide (Alamy/PA) -

Meta has been fined more than 250 million euro (£206 million) by the Irish Data Protection Commission over a data breach.

The breach affected approximately 29 million Facebook accounts globally, of which some three million were based in the EU/EEA.

It was reported by Meta in September 2018.

By allowing unauthorised exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data

DPC Deputy Commissioner Graham Doyle

The personal data involved in the breach included account users’ full names, email addresses, phone numbers, locations, places of work, dates of birth, religions, genders, posts on timelines, groups of which a user was a member and children’s personal data.

It arose from the exploitation by unauthorised third parties of user tokens on the Facebook platform. The breach was remedied by Meta in Ireland and its US parent company shortly after its discovery.

The decisions in relation to the breach, which were made by the Commissioners for Data Protection, Dr Des Hogan and Dale Sunderland, included a number of reprimands and an order to pay administrative fines totalling 251 million euro.

The data breach was remedied by Meta in Ireland and its US parent company shortly after its discovery (Brian Lawless/PA) (PA Archive)

DPC Deputy Commissioner Graham Doyle said a grave risk of misuse of data had been caused.

“This enforcement action highlights how the failure to build in data protection requirements throughout the design and development cycle can expose individuals to very serious risks and harms, including a risk to the fundamental rights and freedoms of individuals,” he said.

“Facebook profiles can, and often do, contain information about matters such as religious or political beliefs, sexual life or orientation, and similar matters that a user may wish to disclose only in particular circumstances.

“By allowing unauthorised exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data.”

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.