Ireland's Data Protection Commission hit Meta with a 265 million fine after a data leak exposed the information of more than 500 million users. Shortly after the news of the leak broke, the DPC began an investigation into whether Facebook complied with Europe's General Data Protection Regulation.
The full names, phone numbers, locations, and birthdates of users on the platform were included in the leaked information. The bad actor obtained the information through a vulnerability that the company fixed in 2019.
The DPC imposed three fines on Meta this year. The DPC fined Meta $18.6 million for bad record-keeping related to a series of data breeches that exposed the information of up to 30 million Facebook users. Meta was fined $400 million by the European Regulator in September after an investigation into the handling of teens' data.
The DPC has fined Meta over $700 million, but that doesn't include the $267 million fine that was incurred for violating Europe's data privacy laws. A statement was obtained by Newstalk reporter Jess Kelly.
We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers. Unauthorised data scraping is unacceptable and against our rules and we will continue working with our peers on this industry challenge. We are reviewing this decision carefully.
Meta didn't reply immediately. The External Data Misuse (EDM) team is given the task of detecting, blocking, and preventing data scrapers.