$275M Fine for Meta After Facebook Data Scrape
Meta has been found in violation of Europe's GDPR rules requiring the social media giant to protect user data by "design and default."
Following the discovery of a data set of Facebook user personal data available on the Internet, the European Union's Data Protection Commission (DPC) has found Meta Platforms Ireland Ltd. (MPIL) in violation of General Data Protection Regulation rules, fining the platform $275 million (€265 million), and requiring the company to make cybersecurity changes.
The breached personal data was first discovered in April 2021, and followed by the launch of a DPC investigation, the regulator explained in an announcement of its findings. DPC reported that Facebook was out of compliance with the GDPR regulation to provide "data protection by design and default." As a result a threat actor was able to use "data scraping" to exfiltrate massive amounts of collated personal user data, the DPC said.
"The decision imposed a reprimand and an order requiring MPIL to bring its processing into compliance by taking a range of specified remedial actions within a particular timeframe," the DPC ruled. "In addition, the decision has imposed administrative fines totaling €265 million on MPIL."
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024