Meta, a prominent tech company, has been fined €91m by the Irish data protection authority for failing to adequately protect user passwords. The investigation began in 2019 when Meta disclosed that it had stored some passwords in plaintext on its internal systems, violating the EU’s General Data Protection Regulation. The Irish Data Protection Commission found that storing user passwords in plaintext posed significant risks and was a breach of privacy.
Deputy Commissioner Graham Doyle emphasized the sensitivity of user passwords, as they could provide unauthorized access to social media accounts. The Irish regulator sent a draft decision to other EU authorities, who did not object to the hefty fine. This is not Meta’s first GDPR fine, as the company previously faced a record €1.2 billion penalty for improper data transfers and a €265m fine for a data breach in which information from over 533 million users was exposed.
Meta has been under scrutiny for its data protection practices, with previous fines highlighting the company’s failure to safeguard user information. This latest fine serves as a reminder of the importance of maintaining secure password protocols and complying with data protection regulations. The substantial penalty imposed on Meta demonstrates the seriousness with which regulators view violations of privacy and the protection of personal data.
Source
Photo credit www.euronews.com