Meta fined $263M over 2018 security breach that affected ~3M EU users

Meta fined €251M for 2018 Facebook breach affecting 3M EU users.

: Meta was fined €251 million by Ireland’s Data Protection Commission for a Facebook security breach affecting around 3 million EU users. The breach exploited a tool and exposed various personal data categories. Two enforcement decisions covered breach notification and data protection by design. No objections were raised to Ireland's draft decision by peer authorities.

Meta has been fined €251 million by Ireland’s Data Protection Commission for a Facebook security breach that occurred in 2018, affecting around 3 million users in the EU. The breach involved a bug in the 'View as' feature, allowing unauthorized access to personal data like email addresses and posts.

The enforcement focused on two investigations regarding Meta's breach notification and compliance with data protection by design principles. In both instances, Meta was found to have infringed the GDPR, resulting in fines of €11 million and €240 million, respectively.

Crucially, no objections were raised by other EU supervisory authorities to the draft decision. This marks a shift from previous disputes, highlighting smoother cooperation in enforcement. Meta acknowledged the breach, citing swift corrective actions and ongoing security measures.