Ireland’s data privacy regulator has reportedly fined Meta nearly $275 million for allegedly “failing to prevent hackers from siphoning off personal information from more than 500 million Facebook users in a 2019 data leak.”
This the fourth time in less than one year that the company has been penalized by the Irish Data Protection Commission.
In a span of one year, the chief privacy regulator monitoring Meta’s operations in Europe, has fined the social media company subsidiaries, Instagram and WhatsApp 912 million euros for alleged violations of Europe’s signature data privacy law, known as the General Data Protection Regulation (GDPR).
As Brian Fung notes, Meta was recently slapped with a 405 million euro fine over Instagram’s handling of children’s data, the second-largest GDPR fine in history. “Other enforcement actions, in March 2022 and September 2021, led to fines of 17 million euros and 225 million euros, respectively,” Brian writes.
Meta is reportedly reviewing the DPC’s decision “carefully” according to a statement issued by the company’s spokesperson.
Last year, Business Insider reported that “more than half a billion Facebook users’ details had been posted on an underground hacker website”, prompting an investigation into the claims
Meta has stressed its commitment to upholding data security saying: “Protecting the privacy and security of people’s data is fundamental to how our business works.”
The company said in a statement this week: “We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers.”
Unauthorised data scraping, Meta says, “is unacceptable and against our rules and we will continue working with our peers on this industry challenge.”