Meta, Facebook's parent company, hit with €91m fine by Irish Data Protection Commission for storing passwords without encryption
In a recent development, Meta, the parent company of Facebook, has been fined €91m (£75m) by the Irish Data Protection Commission (DPC) for storing passwords without encryption. This comes after an investigation launched in April 2019 revealed that certain passwords of social media users were stored on Meta's internal systems in plaintext, posing a significant risk to user data security.
The DPC found Meta to have committed four breaches of the General Data Protection Regulation (GDPR) and issued a reprimand along with the hefty fine. Deputy commissioner Graham Doyle emphasized the importance of not storing user passwords in plaintext due to the potential risks of unauthorized access to sensitive data, such as social media accounts.
This is not the first time Meta has faced fines for mishandling data. In May 2023, the company was fined €1.2bn (£1bn) for improper data transfers between Europe and the United States, marking the largest fine under the EU's GDPR privacy law. Additionally, in 2022, Meta was fined €265m (£220m) for a data breach that exposed the information of 533m people in 106 countries.
In conclusion, Meta's repeated violations of data protection regulations highlight the importance of companies safeguarding user data and implementing robust security measures. As an investor or consumer, it is crucial to stay informed about such incidents as they can impact the company's reputation, stock performance, and overall trustworthiness. By understanding the implications of data breaches and regulatory fines, individuals can make informed decisions about their investments and online privacy.