TIP: Click on subject to list as thread! ANSI
echo: politics
to: All
from: Mike Powell
date: 2024-12-19 09:54:00
subject: Meta hit with $263m fine
Meta hit with $263m fine over 2018 Facebook data breach

Date:
Wed, 18 Dec 2024 16:27:00 +0000

Description:
Meta sanctioned for the handling of a bug which allowed unauthorized access 
to Facebook profiles.

FULL STORY

Meta has received yet another GDPR fine, with the parent company of Facebook,
Instagram and WhatsApp facing a 251 million (around $263 million) hit
following a 2018 data breach which exposed around 29 million Facebook 
accounts globally, 3 million of which were EU-based users. 

Irelands Data Protection Commission (DPC) has been one of Europes leading
regulatory bodies when it comes to holding tech firms to account, handing out
huge penalties for GDPR violations, including the largest ever GDPR fine, a
$1.3 billion charge, also against Meta , for data handling. 

The most recent violations refer to the attack in which malicious actors used
the view as feature, which ordinarily allows users to see what their account
looks like to their friends and family, to steal access tokens in order to
take over the users account.

Millions of users affected 

Of the users whose tokens were stolen, 15 million had their phone numbers and
email addresses exposed, and a further 14 million also had their usernames,
gender, relationship status, and location check-ins accessed. One million
lucky users targeted had no data stolen. 

Following the breach, the DPC found Facebook infringed  GDPR by not including
enough information in its breach notification, failing to properly document
the facts of the incident. The DPC also found the company failed to ensure 
the data protection principles were protected, and that Facebook had failed 
in its obligation as controllers to ensure that only necessary personal data
is processed. 

This enforcement action highlights how the failure to build in data 
protection requirements throughout the design and development cycle can 
expose individuals to very serious risks and harms, including a risk to the
fundamental rights and freedoms of individuals, said DPC Commissioner Graham
Doyle. 

This may seem like a hefty fine, and it is, but the reality of these GDPR
fines is not quite what it seems. So far, only 1% of these DPC fines have 
been collected , so there's a chance this fine could also get tied up in the
appeals process indefinitely.

======================================================================
Link to news story:
https://www.techradar.com/pro/meta-hit-with-usd263m-fine-over-2018-facebook-da
ta-breach

$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SOURCE: echomail via QWK@pharcyde.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.