Ireland fines Meta 250 million euros over a massive data breach in 2018

The Irish Data Protection Authority decided to impose a fine of 251 million euros ($263.5 million) on Meta Platforms, owner of the social network Facebook, due to a massive data breach of about 29 million users worldwide in 2018.
Hackers exploited a technical vulnerability that allows third parties to access Facebook users’ personal data without their consent.
According to the Data Protection Authority, three million users affected by data theft lived in the European Union.
The stolen data included the users’ first and last names, email addresses, phone numbers, places of residence and work, date of birth, religious affiliation, gender, participation on Facebook pages, and their children’s data.
This data was obtained during the period from September 14 to 28, 2018, before Facebook successfully patched the vulnerability.
For his part, Graham Doyle, Vice President of the Authority, said, “This executive move highlights the extent of the danger and damage to which individuals are exposed as a result of the failure to build data protection systems through the design and development of a protection circuit that can be hacked, including the threat to the basic rights and freedoms of individuals.”
He added, “By allowing unauthorized access to information files, the vulnerabilities that led to this hack created a significant risk of misuse of these types of data.”
Meta is expected to appeal the fine decision.
A Meta spokesman told Irish radio station RTE: “We acted immediately to remedy the issue as soon as we identified it and proactively notified people affected by the breach along with the Irish Data Protection Authority.”