Meta Fined €91 Million By EU For Password Security Breach

Meta, the parent company of Facebook, has been fined €91 million ($101.5 million) by the European Union’s Irish Data Protection Commission (DPC), for storing user passwords in plaintext.

The DPC launched an investigation five years ago, after Meta reported the issue, marking a significant breach of user privacy rules under the General Data Protection Regulation (GDPR).

Join our WhatsApp Channel

Meta’s Response to the Security Incident

Meta acknowledged the breach at the time, revealing that some users’ passwords were stored without encryption.

A spokesperson for the company said, “We identified this issue during a security review in 2019 and immediately took action to resolve it.”

The spokesperson added that there was no evidence to suggest that the passwords were misused or accessed by unauthorised individuals.

DPC’s View on Meta’s Security Lapse

The Irish DPC, which oversees GDPR compliance for many U.S. tech giants with EU headquarters in Ireland, expressed concern over Meta’s practices.

Deputy Commissioner Graham Doyle emphasized, “It is widely accepted that user passwords should not be stored in plaintext, considering the risks of abuse that arise from persons accessing such data.”

History of Fines

This is not the first time they have been fined by the DPC. Since GDPR came into effect in 2018, Meta has faced a total of €2.5 billion in penalties for various privacy violations, including a record €1.2 billion fine in 2023.

Meta is currently appealing that decision. The company has consistently engaged with the DPC during investigations and insists on improving its data protection measures.

While they have taken steps to address the security lapse, the fine underscores the EU’s commitment to enforcing strict data protection rules.

The incident highlights the ongoing challenges major tech companies face in complying with GDPR and maintaining the security of user data.

Emmanuel Ochayi

+ posts

Emmanuel Ochayi is a journalist. He is a graduate of the University of Lagos, School of first choice and the nations pride. Emmanuel is keen on exploring writing angles in different areas, including Business, climate change, politics, Education, and others.

Latest from News

Court Set to Deliver Long -Awaited Judgment In Kanu’s Terrorism Trial

A Federal High Court in Abuja will today deliver judgment in the decade-long terrorism case involving the detained leader of the Indigenous People of Biafra (IPOB), Nnamdi Kanu. The judgment, to be delivered by Justice John Omotosho, is expected to be broadcast

NAF Pounds Terrorist Enclave in Sambisa, Hits ARRA Hideout

The Nigerian Air Force (NAF) has executed a major air interdiction operation on a Boko Haram stronghold in the Sambisa Forest, delivering what officials described as a “precision, intelligence-driven strike” on the terrorist enclave known as ARRA. The operation, carried out on

Full List of Abducted Kebbi Schoolgirls PBA Confirms, as Authorities Step Up Rescue Operations

Fresh details from verified sources have confirmed the identities of the 25 schoolgirls abducted from Government Girls Comprehensive Secondary School, Maga, in Kebbi State, as security agencies intensify search-and-rescue efforts across the forests of Danko-Wasagu Local Government Area. The names of the

Terrorists Strike In Southern Kaduna, Claiming Six Lives After Zamfara Student Rescue

Gunmen Strike Military Convoy in Kebbi Amid Schoolgirl Rescue Mission, Multiple Soldiers Wounded

Nigerian troops en route to rescue 25 schoolgirls abducted from the Government Girls Comprehensive Secondary School in Maga, Kebbi State, were ambushed by terrorists, leaving several soldiers injured, officials confirmed. The abduction occurred on Monday, when gunmen riding motorcycles stormed the school

Gunmen Attack Adamawa State Police HQ Amid Tensions; Military Link Suspected

Chaos on Camera, How Gunmen Invaded Kwara Church, Killed 3, Kidnapped Congregants

Terror struck the quiet community of Eruku on Tuesday evening when armed bandits invaded a church during a livestreamed service, killing at least three worshippers and abducting several others, including the pastor. The attack occurred around 6 p.m. at Christ Apostolic Church

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.