November 29, 2022

Another fine has visited tech giant Meta, as Ireland’s Data Protection Commission slammed the company with a €265 million fine (about $276 million) after an April 2021 data leak exposed the information of more than 533 million users to so-called data scrapers.

The DPC launched the investigation shortly after the news of the leak broke, with the goal of determining whether Facebook complied with Europe’s General Data Protection Regulation (GDPR) laws.

The execution of the General Data Protection Regulation, a European Union-wide law, is widely regarded as the global standard for online privacy. The fines were part of the process, and they increased the pressure on Meta, which was already losing money.

The leaked data was posted to an online hacking forum and included the full names, phone numbers, locations, and birthdates of platform users from 2018 to 2019. At the time, Meta stated that the threat actor obtained the information via a vulnerability fixed by the company in 2019, and that this was the same information involved in a previous leak reported by Motherboard in January 2021.

Ireland’s privacy watchdog also stated that this marks the conclusion of their investigation, which began in April of this year after the personal information of over 500 million users was leaked and published online.

The sources for this piece include an article in WallStreetJournal.