Meta Faces Stiff Penalty for Data Protection Failures

The Irish Data Protection Commission (DPC) has levied a hefty €251 million fine against Meta Platforms Ireland for a 2018 data breach that compromised the personal information of approximately 29 million Facebook users globally, including 3 million in the European Union.

According to the DPC, the breach exposed a wide range of personal data categories, such as user's full name, email address, phone number, location, place of work, date of birth, religion, gender, posts on timelines, groups of which a user was a member, and children's personal data. Despite Meta's swift action to rectify the issue, the incident violated multiple data protection regulations.

DPC Deputy Commissioner Graham Doyle emphasized that the enforcement action underscores the severe risks and harms associated with inadequate data protection measures. "By allowing unauthorised exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data," he noted.