FOLLOW US

Meta Platforms, Inc., Facebook's parent company, faces hefty penalties after two significant data breaches. The Irish Data Protection Commission (IDPC) recently fined the company $263 million for a 2018 data breach that exposed millions of users’ personal information.

Meta also settled a separate lawsuit in Australia for $31.7 million in connection to the 2016 Cambridge Analytica scandal.

https://usaherald.com/raised-by-a-serial-killer-how-edward-wayne-edwards-daughter-uncovered-his-horrific-crimes/

The 2018 Facebook Data Breach

In 2018, hackers exploited a vulnerability in Facebook’s “View As” feature, allowing unauthorized access to user accounts. According to a Meta Security Update attackers used this flaw to obtain access tokens, effectively hijacking the accounts of approximately 29 million global users.

The stolen data included sensitive information such as users’ full names, email addresses, phone numbers, locations, dates of birth, religions, and even children’s personal details. Notably, three million of the affected accounts belonged to users in the European Union (EU) and the European Economic Area (EEA).

The IDPC criticized Meta for inadequate data protection measures. It found the company failed to design its processing systems with robust security, process personal data only when necessary, and fully disclose information about the breach.

DPC and Meta Respond

Meta responded to the fine, stating, “This decision relates to an incident from 2018. We took immediate action to fix the problem as soon as it was identified, and we proactively informed people impacted as well as the Irish Data Protection Commission.” The company also noted that it now implements “industry-leading measures” to protect users across its platforms.

“This enforcement action highlights how the failure to build in data protection requirements throughout the design and development cycle can expose individuals to very serious risks and harms,” said DPC Deputy Commissioner Graham Doyle. He emphasized that the breach posed “a grave risk of misuse” of users’ profile data.

Cambridge Analytica Scandal Settlement

Separately, Meta settled a $31.7 million lawsuit in Australia related to the Cambridge Analytica scandal. A whistleblower revealed in 2018 that Cambridge Analytica had harvested Facebook user data to influence U.S. voters during Donald Trump’s 2016 presidential campaign and the Brexit referendum.

Facebook discovered the vulnerability three years before the breach but failed to take timely action. The settlement will provide compensation to approximately 311,127 eligible Australians who were impacted. Users must have had an active Facebook account between November 2015 and December 2015 and meet specific criteria to qualify for payment.

Data Breaches are Costly

This case follows a $725 million settlement Meta agreed to pay U.S. users for similar issues, reflecting the company’s ongoing challenges with privacy and data security.

In 2019, Facebook agreed to pay $5 billion to resolve a Federal Trade Commission probe into its privacy practices.