Meta is fined 91 million euros for storing millions of unencrypted passwords
Properly protecting the passwords that the user stores on the network of networks is something that is often taken for granted and that not all companies, even if they are of absolutely cyclopean make, nevertheless make an effort to comply. Let them tell it, if not, to Meta, who The Irish Data Protection Commission has fined €91 million for storing millions of Facebook and Instagram passwords in plain text.or what is the same, without any type of encryption that would properly safeguard them.
The fine casts anchor in an investigation that the Irish Data Protection Commission initially opened in 2019 and that has dragged on for five years.
He irish regulatory body has concluded that Meta broke multiple articles of the European Union’s General Data Protection Regulation (GDPR) by failing to properly protect the passwords of several hundred million Facebook and Instagram users.
It is not the first time that the company led by Mark Zuckerberg has been sanctioned within the European Unionwhose authorities have subjected it to tight control in recent years.
In May 2023, without going any further, the parent company of Facebook and Instagram was fined a record fine of 1.2 billion euros. for improperly using personal information of its users to confront them with personalized ads.
Meta has faced multiple fines in the old continent in recent years
And before being punished with this sanction, In the period between September 2021 and January 2023, the American multinational was fined multiple times on European soil for flouting the GDPR.. The sanctions that Meta had to face during that period had a cumulative value of close to 1,000 million euros.
If we focus specifically on the latest sanction imposed on Meta, that of the Irish Data Protection Commission, this body criticizes the Menlo Park company that “it is a widely accepted fact that user passwords should not be stored in plain text, considering the risks of abuse arising from access to such data by individuals. “It must be taken into account that the passwords analyzed in this case are especially sensitive, since they would allow access to users’ social media accounts”emphasizes Graham Doyle, deputy commissioner of the Irish Data Protection Commission.
An internal investigation carried out within Meta revealed that Potentially sensitive information from Facebook and Instagram users had been stored in an unencrypted database to which around 22,000 employees of the multinational had access.
When Meta made public the controversial results of its investigation, which ultimately prompted Ireland’s Data Protection Commission to act, It was estimated that there were between 200 and 600 million users directly affected by the bug. The company tried to minimize, however, the impact of the security error by ensuring that many of the potentially exposed passwords were old and in some cases dated back to 2012. Still, Meta had to contact the affected accounts to warn its owners of the failure and urge them to change their password.
Discover more from CiptaVisual
Subscribe to get the latest posts sent to your email.