Close Menu
  • Home
  • Europe
  • United Kingdom
  • World
  • Politics
  • Business
  • Culture
  • Health
  • Sports
  • Tech
  • Travel
Trending

Erith fire LIVE: Warehouse, crane and vehicles on fire at London industrial estate

July 12, 2025

Two ways people could get ‘early’ Universal Credit payments

July 12, 2025

‘Doctors kept saying I was stressed – but I actually have an overlooked condition’

July 11, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Se Connecter
July 12, 2025
Euro News Source
Live Markets Newsletter
  • Home
  • Europe
  • United Kingdom
  • World
  • Politics
  • Business
  • Culture
  • Health
  • Sports
  • Tech
  • Travel
Euro News Source
Home»Business
Business

Meta Fined €251 Million for 2018 Data Breach

News RoomBy News RoomDecember 17, 2024
Facebook Twitter WhatsApp Copy Link Pinterest LinkedIn Tumblr Email Telegram

In 2018, a significant data breach on Facebook, now under the umbrella of Meta Platforms, exposed the personal data of millions of users, triggering an investigation by European Union privacy regulators. This breach stemmed from vulnerabilities within Facebook’s platform code that allowed hackers to exploit bugs and steal digital keys, known as “access tokens,” granting them unauthorized access to user accounts. These access tokens essentially serve as digital passwords, providing access to an individual’s account and associated data without requiring the actual password.

The investigation, led by Ireland’s Data Protection Commission (DPC), Meta’s lead privacy regulator within the EU due to the company’s regional headquarters being located in Dublin, concluded with the imposition of fines totaling €251 million on Meta. The DPC determined that Meta had infringed upon multiple provisions of the General Data Protection Regulation (GDPR), the EU’s stringent data privacy framework. The GDPR mandates robust data protection measures for all individuals within the EU and imposes significant penalties for non-compliance. The DPC’s decision reflects the gravity of the breach and underscores the importance of adhering to the GDPR’s principles of data security and user privacy.

Meta has expressed its intention to appeal the decision, maintaining that it took swift action to rectify the vulnerabilities upon discovery and proactively informed both affected users and the Irish watchdog. The company’s statement emphasizes the time elapsed since the incident occurred in 2018, suggesting that the penalties are disproportionate considering the remedial actions taken. However, the DPC’s investigation concluded that Meta’s response, while prompt, was insufficient to mitigate the impact of the breach and fell short of the GDPR’s requirements.

Initial estimates of the breach’s impact suggested that 50 million user accounts were compromised. However, subsequent investigations revised this figure downwards to approximately 29 million accounts globally, with 3 million accounts affected within the European Union. This clarification helps to define the scope of the breach and provides a more accurate representation of the number of individuals whose data was potentially exposed. While the revised number is lower than initially reported, it still represents a substantial breach affecting a significant number of users.

Upon discovering the vulnerabilities, Facebook reported the incident to the FBI and regulatory authorities in both the United States and Europe, demonstrating a commitment to transparency and cooperation with law enforcement agencies. The breach involved three distinct bugs within Facebook’s “View As” feature, a functionality that allowed users to view their profiles as they appeared to others. Attackers exploited these vulnerabilities to steal access tokens from the accounts of individuals whose profiles were viewed using the “View As” feature. The attack then propagated through the network, spreading from one user’s Facebook friends to another, leveraging existing connections to expand the reach of the breach.

The stolen access tokens effectively granted attackers control over the compromised accounts, enabling them to access personal data, post content, and potentially engage in further malicious activities. The nature of the breach, facilitated by the “View As” feature, highlighted the potential risks associated with functionalities that provide access to user profiles and underscores the necessity for rigorous security testing to prevent exploitation. The incident served as a reminder of the importance of robust security measures to protect user data and the potential consequences of failing to address vulnerabilities promptly. The substantial fines imposed by the DPC serve as a deterrent and emphasize the EU’s commitment to enforcing data privacy regulations.

Share. Facebook Twitter Pinterest LinkedIn Telegram WhatsApp Email

Keep Reading

UK economy contracts again in May despite government growth push

Business July 11, 2025

Lula vows retaliatory tariffs if Trump imposes 50% levies on Brazil

Business July 11, 2025

Trump administration sues California over egg prices, blames red tape

Business July 10, 2025

Europe’s iPhone price gap: Where you’ll pay the most and least

Business July 10, 2025

German Chancellor says he’s confident EU-US trade deal will come soon

Business July 9, 2025

German exports drop as US shipments decline ahead of tariff deadline

Business July 8, 2025

Nvidia is on track to become the most valuable company in history

Business July 4, 2025

What is in Trump’s tax and spending bill that will soon become law?

Business July 4, 2025

July’s seasonal magic: European stocks’ summer rally revealed

Business July 3, 2025

Editors Picks

Two ways people could get ‘early’ Universal Credit payments

July 12, 2025

‘Doctors kept saying I was stressed – but I actually have an overlooked condition’

July 11, 2025

Urgent update from police on missing boy, 11, after hundreds of locals join search

July 11, 2025

Ryanair flight from Mallorca descends into ‘chaos’ as police board plane

July 11, 2025

Latest News

‘Despicable’ paedophile set dogs on animals including pet cat and filmed attacks

July 11, 2025

US appeals court throws out plea deal for alleged mastermind of 11 September terror attacks

July 11, 2025

Inside England Lionesses’ -120C cryotherapy chamber helping heroes bounce back

July 11, 2025

Subscribe to News

Get the latest Europe and World news and updates directly to your inbox.

Facebook X (Twitter) Pinterest Instagram
2025 © Euro News Source. All Rights Reserved.
  • Privacy Policy
  • Terms
  • Contact

Type above and press Enter to search. Press Esc to cancel.

Sign In or Register

Welcome Back!

Login to your account below.

Lost password?