Meta fined $263 million for Facebook security breach affecting 3 million EU users

December 18, 2024 at 5:31:35 AM

TL;DR Meta has been fined €251 million by Ireland’s Data Protection Commission for a 2018 Facebook security breach affecting about 3 million EU users. The breach, which occurred in July 2017, allowed unauthorized access to user profiles due to a bug in a video upload feature. The DPC found that Meta violated GDPR regulations on breach notification and data protection by design. Meta stated it took immediate action to address the issue once it was identified.

Meta fined $263 million for Facebook security breach affecting 3 million EU users

Meta has been fined €251 million (approximately $263 million) by Ireland’s Data Protection Commission (DPC) for a 2018 Facebook security breach that affected around 3 million EU users. The penalty, issued under the General Data Protection Regulation (GDPR), is significant but not the largest Meta has faced since the GDPR's implementation.

The breach originated in July 2017 when a bug in a video upload feature allowed attackers to exploit the “View as” function, enabling unauthorized access to user profiles. Between September 14 and 28, 2018, this vulnerability was exploited to log into approximately 29 million Facebook accounts globally, with 3 million located in the EU. The compromised data included users' names, email addresses, phone numbers, and other personal information.

The DPC's enforcement decisions focused on two inquiries regarding Meta's breach notification and data protection measures. Meta was fined €11 million for failing to provide comprehensive breach notifications and €240 million for not adhering to GDPR principles regarding data protection by design. The DPC emphasized the serious risks posed by unauthorized exposure of sensitive profile information.

In a statement, DPC deputy commissioner Graham Doyle highlighted the importance of integrating data protection into the design process to prevent such vulnerabilities. Notably, this enforcement action faced no objections from other EU supervisory authorities, marking a shift from previous criticisms of the DPC's enforcement actions against Meta.

In response, Meta stated that the incident occurred in 2018, and they took immediate corrective actions while informing affected users and the DPC. Earlier in September, the DPC also fined Meta €91 million for a separate 2019 security breach involving improperly stored passwords.

Have more questions on this topic? Ask our AI assistant for in-depth insights.

The Only Digital Marketing Feed You'll Ever Need.

Stay informed your way. Tailored updates when and how you want them. 100% Free.

10,000+ Users

500+ Sources

1000+ Tools

Or

Related Posts

Meta Intensifies Fight Against Romance Scams Ahead of Valentine's Day

Meta Intensifies Fight Against Romance Scams Ahead of Valentine's Day

Meta
Meta

Official Source

Official Source

Meta is a Official Source. The source has been verified by Swipe Insight team.

Official Source
Top-Notch Google Ads Audit Tool

Top-Notch Google Ads Audit Tool

Featured
Meta Launches Free Curriculum to Protect Students from Online Exploitation

Meta Launches Free Curriculum to Protect Students from Online Exploitation

Meta
Meta

Official Source

Official Source

Meta is a Official Source. The source has been verified by Swipe Insight team.

Official Source
Meta consolidates payment information into Accounts Center

Meta consolidates payment information into Accounts Center

OpenAI Launches Data Residency in Europe for ChatGPT Enterprise, Edu, and API Platform

OpenAI Launches Data Residency in Europe for ChatGPT Enterprise, Edu, and API Platform

OpenAI
OpenAI

Official Source

Official Source

OpenAI is a Official Source. The source has been verified by Swipe Insight team.

Official Source
Meta Enhances Transparency with AI Labels for Ads Products

Meta Enhances Transparency with AI Labels for Ads Products

AI Meta Ads +1 more
Meta
Meta

Official Source

Official Source

Meta is a Official Source. The source has been verified by Swipe Insight team.

Official Source
Meta may halt AI development for systems deemed too risky under new Frontier AI Framework

Meta may halt AI development for systems deemed too risky under new Frontier AI Framework

Meta Achieves Record Q4 2024 Revenue and User Growth with Ambitious AI Investment Plans

Meta Achieves Record Q4 2024 Revenue and User Growth with Ambitious AI Investment Plans

Related Tools

Marketing Auditor logo

Marketing Auditor

Verified Tool

Verified Tool

Marketing Auditor is a Verified Tool. Want to get this badge? Contact us.

Verified Tool

Automated audits for Google Ads and Analytics.

Get Featured Here

Showcase your tool in this list.

Contact Us
Dash Hudson logo

Dash Hudson

Manage social media with insights and workflow tools

Organic Social