Meta fined €91 million for unintentionally storing passwords without protection

Spread the love


Certain social media users’ passwords were stored as “plain text” in internal systems without cryptographic protection or encryption.

On Friday, Ireland’s Data Protection Commission (DPC) fined Meta €91 million for unintentionally storing some users’ passwords without adequate protection or encryption. This was reported by Reuters and RTÉ.

The investigation began five years ago, in April 2019, when Meta notified the Irish DPC that some user passwords had been mistakenly stored as plain text in its internal systems without cryptographic protection or encryption.

The investigation revealed four violations of the EU’s General Data Protection Regulation (GDPR).

Meta publicly acknowledged the incident, stating that during a routine security review in 2019, it found that a subset of Facebook user passwords had been temporarily stored in readable format within its internal data systems.

The company took immediate action to fix the error after discovering it, and there was no evidence of password misuse. The DPC also confirmed that the passwords were not exposed to external parties.

In June, the DPC submitted its proposed fine to other European data protection authorities, and no objections were raised. The decision was then communicated to Meta.

EU’s Main Regulator

“It is generally accepted that user passwords should not be stored in plain text due to the risks of misuse,” said Graham Doyle, a DPC official in Ireland.

Meta cooperated constructively with the DPC throughout the investigation, a spokesperson said on Friday.

The DPC serves as the EU’s main regulator for most major U.S. internet companies, as many have chosen Ireland as their European headquarters.

To date, Meta has been fined a total of €2.5 billion in the EU for GDPR violations since the regulation was implemented in 2018, including a record €1.2 billion fine in 2023, which Meta has appealed.

Leave a Reply

Your email address will not be published. Required fields are marked *

TECH

Tesla to Launch Driverless Robotaxi Service in Just a Few Weeks

Spread the love

Spread the loveTesla is about to roll out its first batch of autonomous robotaxis, but the effort has more questions than answers on safety, transparency, and who precisely gets access. As Tesla, under the guidance of Elon Musk, presses on with driverless technology, it has the potential to be a pioneer for years to come. […]

Read More
TECH

Germany Launches Driverless Car Service – Book Your Ride Through an App

Spread the love

Spread the loveFrom this Wednesday, Germany will begin to test self-driving vehicles as part of its public transport system for the first time. The test project was announced by national rail operator Deutsche Bahn and regional mobility company in the Rhine-Main region in western Germany. The self-driving cars can be reserved by the passengers through […]

Read More
TECH

SpaceX Starship Completes Ninth Test Flight, Breaks Apart After 30 Minutes

Spread the love

Spread the loveSpaceX’s behemoth Starship rocket lifted off into the sky on its ninth test flight as another progression toward the company’s long-term vision of colonizing Mars. Though the spacecraft exploded roughly 30 minutes into flight, SpaceX still considers the mission successful. The test follows two earlier attempts this year that crashed shortly after liftoff. […]

Read More