Published by Jessica Weisman-Pitts
Posted on December 17, 2024
2 min readLast updated: January 28, 2026
Add as preferred source on Google
DUBLIN (Reuters) -The lead European Union data privacy regulator for Meta fined the social media giant 251 million euros ($263.5 million) on Tuesday for a 2018 Facebook security breach that affected 29 million users.
DUBLIN (Reuters) -The lead European Union data privacy regulator for Meta fined the social media giant 251 million euros ($263.5 million) on Tuesday for a 2018 Facebook security breach that affected 29 million users.
Meta notified Ireland’s Data Protection Commission at the time that cyber attackers had exploited a vulnerability in Facebook’s code that impacted the “View As” feature that lets users see what their own profile looks like to someone else.
That led to a breach in personal data including users’ full name, contact details, location, place of work, date of birth, religion, gender and their children’s personal data, the DPC said.
“By allowing unauthorised exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data,” DPC Deputy Commissioner Graham Doyle said in a statement.
Meta remedied the breach shortly after its discovery, the DPC said. Of the 29 million Facebook accounts impacted globally, about 3 million were based in the EU and European Economic Area.
The DPC is the lead EU regulator for most of the top U.S. internet firms due to the location of their EU operations in Ireland.
It has so far fined Meta almost 3 billion euros for breaches under the bloc’s General Data Protection Regulation (GDPR) introduced in 2018, including a record 1.2 billion euro fine in 2023 that Meta is appealing.
Meta said it will also appeal Tuesday’s decision and that it has a wide range of measures in place to protect users across its platforms.
“We took immediate action to fix the problem as soon as it was identified, and we proactively informed people impacted as well as the Irish Data Protection Commission,” a spokesperson for Meta said in a statement.
($1 = 0.9527 euros)
(Reporting by Padraic Halpin; Editing by Sachin Ravikumar and Jan Harvey)
Data protection refers to the practices and processes designed to safeguard personal data from unauthorized access, use, or disclosure, ensuring individuals' privacy and rights are respected.
A data breach occurs when unauthorized individuals gain access to sensitive data, often leading to the exposure of personal information such as names, addresses, and financial details.
The General Data Protection Regulation (GDPR) is a comprehensive data protection law in the EU that governs how personal data is collected, processed, and stored, giving individuals greater control over their data.
Cybersecurity involves protecting computer systems, networks, and data from digital attacks, theft, and damage, ensuring the confidentiality, integrity, and availability of information.
Explore more articles in the Technology category
