Facebook parent company Meta has been fined €91m (£75m) by the Irish Data Protection Commission (DPC) following an investigation into the improper storage of user passwords. The inquiry, which began in April 2019, revealed that Meta had inadvertently stored the passwords of social media users on its internal systems without encryption, breaching data privacy regulations.
 |
| Meta fined for improper storage of user passwords |
Meta’s GDPR Violations
The DPC's decision was finalized in June 2024, following confirmation by other European data watchdogs. Meta was found to have committed four violations of the General Data Protection Regulation (GDPR), which mandates strict security protocols for handling sensitive user information.
Storing passwords in plaintext is considered one of the most serious data security missteps, as it exposes user accounts to potential abuse and hacking.
DPC deputy commissioner Graham Doyle commented, "It is widely accepted that user passwords should not be stored in 'plaintext' considering the risks of abuse that arise from persons accessing such data. The passwords in this case are particularly sensitive as they could enable unauthorized access to social media accounts."
The DPC imposed both a reprimand and the €91m fine on Meta, marking another significant penalty for the tech giant's repeated data privacy failures.
Meta’s History of Data Breaches
This isn't the first time Meta has faced steep fines for its data handling practices. In May 2023, Meta was fined a record-breaking €1.2bn (£1bn) by the DPC for improper data transfers between Europe and the United States. In 2022, the company was hit with another €265m (£220m) fine after data from over 533 million users was published on a hacking forum.
These incidents highlight ongoing concerns about how Meta manages and secures the vast amounts of data collected from its platforms.
 |
| Data Breach Big Tech |
Strengthening Your Password Security
Given Meta's repeated data security issues, it's critical that individuals take control of their own password security. Using weak or reused passwords is a major vulnerability, especially in today's increasingly risky online environment.
For a more secure approach, you can generate strong, random passwords using the Password Generator. This tool helps you stay protected by creating complex passwords that are hard to crack, providing an extra layer of defense against potential hackers.