This article is from the source 'bbc' and was first published or seen on . The next check for changes will be
You can find the current article at its original source at https://www.bbc.com/news/articles/cvgl8lerx85o
The article has changed 13 times. There is an RSS feed of changes available.
| Version 11 | Version 12 |
|---|---|
| Facebook: Meta fined €91m after password storage investigation | |
| (5 months later) | |
| Facebook parent company Meta has been fined €91m (£75m) by the Irish Data Protection Commission (DPC) following an investigation into the storage of passwords. | Facebook parent company Meta has been fined €91m (£75m) by the Irish Data Protection Commission (DPC) following an investigation into the storage of passwords. |
| An inquiry was launched in April 2019 after Meta notified the DPC that it had inadvertently stored certain passwords of social media users on its internal systems without encryption. | An inquiry was launched in April 2019 after Meta notified the DPC that it had inadvertently stored certain passwords of social media users on its internal systems without encryption. |
| The DPC submitted a draft decision to other European data watchdogs in June 2024. | The DPC submitted a draft decision to other European data watchdogs in June 2024. |
| No objections were raised by the other authorities. | No objections were raised by the other authorities. |
| Meta has been found to have four breaches of General Data Protection Regulation (GDPR). | Meta has been found to have four breaches of General Data Protection Regulation (GDPR). |
| DPC deputy commissioner Graham Doyle said: “It is widely accepted that user passwords should not be stored in 'plaintext' considering the risks of abuse that arise from persons accessing such data. | DPC deputy commissioner Graham Doyle said: “It is widely accepted that user passwords should not be stored in 'plaintext' considering the risks of abuse that arise from persons accessing such data. |
| "It must be borne in mind, that the passwords the subject of consideration in this case are particularly sensitive, as they would enable access to users’ social media accounts." he added. | "It must be borne in mind, that the passwords the subject of consideration in this case are particularly sensitive, as they would enable access to users’ social media accounts." he added. |
| The decision, which was made by the commissioners for data protection, Dr Des Hogan and Dale Sunderland, and notified to Meta on 26 September, includes a reprimand and a fine. | The decision, which was made by the commissioners for data protection, Dr Des Hogan and Dale Sunderland, and notified to Meta on 26 September, includes a reprimand and a fine. |
| What has happened previously? | What has happened previously? |
| In May 2023, Meta was fined €1.2bn (£1bn) for mishandling data when transferring it between Europe and the United States. | In May 2023, Meta was fined €1.2bn (£1bn) for mishandling data when transferring it between Europe and the United States. |
| That fine was also issued by Ireland's DPC; the largest fine imposed under the EU's GDPR privacy law. | That fine was also issued by Ireland's DPC; the largest fine imposed under the EU's GDPR privacy law. |
| In 2022, Meta was fined €265m (£220m) after data from 533m people in 106 countries was published on a hacking forum having been "scraped" from Facebook years earlier. | In 2022, Meta was fined €265m (£220m) after data from 533m people in 106 countries was published on a hacking forum having been "scraped" from Facebook years earlier. |