EU legislative records or announcements from the European Commission

Meta Fined €251 Million by Ireland for 2018 Data Breach Affecting 29 Million Users via 'View As' Feature

Dec 17, 2024, 03:57 PM

Meta Platforms Inc. has been fined €251 million by Ireland's Data Protection Commission (DPC) for a data breach that occurred in 2018, affecting approximately 29 million Facebook users worldwide, including about 3 million in the European Union and European Economic Area. The breach was caused by hackers exploiting a vulnerability in the 'View As' feature of Facebook, which allowed unauthorized access to users' personal data such as names, email addresses, phone numbers, and other sensitive information. The DPC's decision includes a €130 million penalty for failing to effectively implement data protection principles, a €110 million penalty for storing more user data than necessary, and an €11 million penalty for GDPR breaches related to insufficient breach notification and inadequate documentation of vulnerability remediation efforts.