Meta, the parent company of Facebook and Instagram, was fined 251 million euros by Ireland's data protection authority on Tuesday for leaking the data of 29 million users in 2018, including three million from the European Union.
In 2018, Meta informed the Data Protection Commission (DPC) in Irelandwhere it has its European headquarters, that as a result of a system error and a hacker attack, personal data of Facebook users was disclosed.
Hackers took advantage of a loophole in the “view as” functionality on Facebook (which allowed Internet users to see how their profile was displayed publicly) to enter user accounts and take control of them, and from there gain access to the accounts of people on the person's friends list.
Data of millions of users
Initially, it was reported that the problem affected 50 million users, but ultimately it turned out that the data of 29 million Internet users, including 3 million citizens of EU countries, had been leaked online.
Meta assured that it immediately fixed the vulnerability and informed both users, the FBI and US and EU regulators about the incident.
The DPC launched an investigation into the matter and has now imposed a reprimand and administrative penalties on the company for violating EU data protection rules in the amount of EUR 251 million.
The company announces it will appeal against this decision.
Main photo source: Shutterstock