Meta fined more than 250 million euro by Irish data commission following breach

17 December 2024, 18:34

A Facebook home page on a laptop screen
Facebook close up. Picture: PA

The data breach affected some 29 million Facebook accounts across the world.

Meta has been fined more than 250 million euro (£206 million) by the Irish Data Protection Commission over a data breach.

The breach affected approximately 29 million Facebook accounts globally, of which some three million were based in the EU/EEA.

It was reported by Meta in September 2018.

The personal data involved in the breach included account users’ full names, email addresses, phone numbers, locations, places of work, dates of birth, religions, genders, posts on timelines, groups of which a user was a member and children’s personal data.

It arose from the exploitation by unauthorised third parties of user tokens on the Facebook platform. The breach was remedied by Meta in Ireland and its US parent company shortly after its discovery.

The decisions in relation to the breach, which were made by the Commissioners for Data Protection, Dr Des Hogan and Dale Sunderland, included a number of reprimands and an order to pay administrative fines totalling 251 million euro.

Exterior view of Facebook parent company Meta’s headquarters in Dublin
The data breach was remedied by Meta in Ireland and its US parent company shortly after its discovery (Brian Lawless/PA)

DPC Deputy Commissioner Graham Doyle said a grave risk of misuse of data had been caused.

“This enforcement action highlights how the failure to build in data protection requirements throughout the design and development cycle can expose individuals to very serious risks and harms, including a risk to the fundamental rights and freedoms of individuals,” he said.

“Facebook profiles can, and often do, contain information about matters such as religious or political beliefs, sexual life or orientation, and similar matters that a user may wish to disclose only in particular circumstances.

“By allowing unauthorised exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data.”

By Press Association

More Technology News

See more More Technology News

The icons for the smartphone apps DeepSeek and ChatGPT are seen on a mobile

Nations and tech firms to jostle for AI leadership at Paris summit

Nick Lees

Man who credits King over cancer diagnosis given pioneering robotic microsurgery

Ellen Roome with her 14-year-old son Jools Sweeney

Parents suing TikTok over children’s deaths ‘want answers’

The Apple logo in the window of an Apple store

Home Office orders Apple to let it access users’ encrypted files – report

Ellen Roome with her son Jools Sweeney

Bereaved families file US lawsuit against TikTok over access to children’s data

The OpenAI logo appears on a mobile phone in front of a computer screen with random binary data

OpenAI taking claims of data breach ‘seriously’

There are concerns over how technology is aiding the abuse of women (Alamy/PA)

Deepfake abuse crackdown a ‘really important blow in battle against misogyny’

The Football Manager 25 logo on a light purple background

Football Manager 25 cancelled after delays

Football Manager 25 has been cancelled after being hit by delays

Football Manager 25 cancelled after several delays

Carsten Jung, head of AI at the IPPR, warned that politics 'needs to catch up' with the implications of AI (PA)

AI could replace 70% of tasks in computer-based jobs, study says

General view of IMI headquarters at Lakeside, Birmingham Business Park, Birmingham.

Engineering group IMI latest UK firm to be hit by cyber attack

A person's hands on the keyboard of a laptop

PSNI exploring use of AI to analyse mobile phone evidence

A screenshot of the homepage of AI chatbot DeepSeek, showing a warning message about new users being unable to register for the app

DeepSeek reopens new user sign-ups despite ongoing security concerns

A Google logo on the screen of a mobile phone, in Londons

Google axes diversity hiring targets as it reviews DEI programmes

A person’s hand pressing keys of a laptop keyboard

UK to get new cyber attack severity rating system

People working at computers

Capital raised by tech start-ups under Government scheme doubles