Meta fined £230m over data breach

Tech company Meta has been fined €265m (£230m) by an Irish watchdog over its massive data breach that saw over 500 million users’ details posted online. 

The Data Protection Commission (DPC), Ireland’s data watchdog and the body responsible for regulating the company for the European Union, fined the Facebook owner after finding it had breached two articles of the EU’s data protection laws. 

A spokesperson for the company said in a statement: ‘We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers. Unauthorised data scraping is unacceptable and against our rules and we will continue working with our peers on this industry challenge.’ 

Alongside the fine, the watchdog imposed an order requiring the company to ‘bring its processing into compliance by taking a range of specified remedial actions within a particular timeframe.’ 

The ‘scalped’ data appeared on a hacking website in 2021 after being collected from public profiles in 2018 and 2019 with the DPC claiming that a ‘significant’ number of the affected users were from the EU. Alongside Meta, the DPC is responsible for regulating other large tech companies such as Apple, Google and TikTok due to Ireland hosting their EU headquarters.

Meta, which is also the parent company for Instagram and WhatsApp, has been addressing declining sales recently alongside rising costs which have led to a decline in income and scared some investors. Earlier this month, CEO Mark Zuckerberg announced that the company would be continuing a hiring freeze through to next year and laying off over 11,000 of its staff, or about 13% of Meta’s workforce. 

Earlier this year the company was fined €405m by the DPC for allowing teenagers to set up public ‘business’ accounts that displayed their phone numbers and email addresses, whilst last year WhatsApp received a €225m fine for serious GDPR infringements. 

Large tech companies handling of personal data has been under the spotlight recently with Google also being forced to pay out a $391.5m settlement over a lawsuit regarding illegal tracking of users’ locations. Last year saw the largest GDPR fine to date when Amazon was fined €746m by privacy regulators in Luxembourg, though the company is fighting the ruling.

Photo by Dima Solomin


Leave a Reply

Your email address will not be published. Required fields are marked *

Help us break the news – share your information, opinion or analysis
Back to top