The Meta giant, which makes tens of billions of dollars in profits, was fined 251 million euros on Tuesday in the European Union (EU) due to a security breach on Facebook in 2018, reports AFP.
Meta has been fined PHOTO: Shutterstock
This security flaw allowed some hackers access to personal data such as your full name, email address, phone number, date of birth or religion, according to the Irish Data Protection Commission (DPC).
The regulator is imposing this fine on behalf of the EU, as the European headquarters of Meta, the parent company of Facebook, is in Dublin.
This case – revealed by Facebook in September 2018 – caused a huge scandal around the world, writes news.ro.
“This data breach impacted 28 million Facebook accounts worldwide, approximately three million of which were in the EU”DPC recalls in a press release.
“We took immediate action to resolve the issue as soon as it was identified and proactively informed the affected individuals and the Irish Data Protection Commission,” a Meta spokesman said in a statement, which intends to appeal.
“VIEW AS”
Hackers have taken advantage of an accumulation of several errors (bugs) of the functionality”view as” – which allows you to see how your own profile looks when viewed by another user – to access the data.
Using this function could accidentally generate digital keys of cohesion – called in English “access tokens” – which allow you to keep the connection without re-entering the password every time.
Hackers managed to take these keys that give access to accounts as if you were the owner.
According to DPC, this fault lasted 14 days – from September 14 to 28, 2018.
The fine applied on Tuesday “shows how the fact that data protection requirements are not integrated throughout the entire design and development cycle can expose people to very serious risks and harms”, comments the Irish authority’s communications officer, Graham Doyle.
The DPC began investigating at the end of 2018.
It was then about one of the first applications against a heavy Internet name of the European Data Protection Regulation (RGPD), which comes into force a few months earlier in the EU.
This regulation, which aims to better protect the personal data of Europeans, strengthens the rights of surfers on the Internet and establishes clear obligations of companies in the processing of their data.
Meta is regularly accused in the EU, but its convictions – which often come years after the fact – appear to do little to deter the Menlo Park giant, which just reported third-quarter revenue of $40.59 billion ( 38.7 billion euros), and a profit of 15.69 billion dollars – worse than the market expected.
The most recent fine in the EU regarding data was applied at the end of September, namely in the amount of 91 million euros, due to the lack of transparency, following a security breach.
The group has already been fined – among others – with 225 million euros in 2021, also due to lack of transparency, with 405 million euros in 2022, due to violations in the processing of minors’ data, with 265 million euros also in 2022, due to a lack of protection for children or with 390 million euros in 2023, also from due to transparency problems.
