The breach involved the exploitation of user tokens on the Facebook platform by unauthorized third parties. The affected personal data included users' full names, email addresses, phone numbers, locations, places of work, dates of birth, religions, genders, posts on timelines, groups of which users were members, and children's personal data. Meta and its US parent company took immediate action to remedy the breach upon its discovery.
The DPC's final decisions recorded several infringements of the General Data Protection Regulation (GDPR) by MPIL:
The DPC reprimanded MPIL for these failures and ordered it to pay administrative fines totaling €251 million.
DPC Deputy Commissioner Graham Doyle commented:“This enforcement action highlights how the failure to build in data protection requirements throughout the design and development cycle can expose individuals to very serious risks and harms, including a risk to the fundamental rights and freedoms of individuals. Facebook profiles can, and often do, contain information about matters such as religious or political beliefs, sexual life or orientation, and similar matters that a user may wish to disclose only in particular circumstances. By allowing unauthorised exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data.”
Meta is expected to appeal the decision, as it has done with previous fines imposed by the DPC.
Reference(s)
Irish Data Protection Commission fines Meta €251 Million | 17/12/2024 | Data Protection Commission
If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:
By email:
secretary@iisf.ie
By post:
David Cahill
Information Security
GPO, 1-117
D01 F5P2
Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland
Invitations for Annual Sponsorship of IISF has now reopened.
Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more