Meta fined $102 million by EU for 2019 password breach
- In 2019, Meta reported that some Facebook user passwords were stored in plain text, leading to an investigation by the Irish Data Protection Commission.
- The investigation resulted in a fine of 91 million euros, highlighting the risks associated with inadequate password security practices.
- Meta took immediate action to rectify the issue and emphasized their commitment to user privacy, although the incident raised concerns about data protection in the tech industry.
In 2019, Meta, the parent company of Facebook, reported a significant security lapse involving the storage of user passwords in plain text, which raised serious privacy concerns. The Irish Data Protection Commission initiated an investigation following this notification. The investigation concluded with a fine of 91 million euros (approximately $101.6 million) imposed on Meta for failing to adequately protect user data. Deputy Commissioner Graham Doyle emphasized the importance of not storing passwords in a readable format due to the inherent risks of abuse. Meta acknowledged the error, stating that a subset of passwords was temporarily logged in a readable format but asserted that there was no evidence of improper access or abuse of these passwords. The company took immediate corrective actions and cooperated with the regulatory inquiry, highlighting their commitment to user privacy and security. This incident underscores the ongoing challenges tech companies face in safeguarding user data and the regulatory scrutiny they encounter in the European Union.