News

Meta fined over password security violation

Tuesday 1 October 2024 09:11 CET | News

US-based multinational technology corporation Meta has been fined USD 102 million by the Irish DPC over not encrypting user passwords. 

Coming as another penalty for Meta under the EU’s privacy regulations, the breach was discovered in a DPC investigation, initiated in 2019, and revealed that the company inadvertently stored a subset of Facebook users’ passwords in plain text, which allowed employees to access them. Meta’s violation of security protocols led to the fine, considering that storing passwords in plain text is believed to neglect basic security measures.

Meta fined over password security violation

When commenting on the announcement, representatives from the regulatory body underlined the importance of encrypting passwords to prevent abuse, which is a standard practice in protecting user information. Even if this lapse was reported, Meta mentioned that it found no evidence of misuse or improper access to these passwords. In addition, the company responded promptly to the incident, remedying the error and maintaining constant communication with the DPC throughout the investigation.

The current fine comes as an addition to a series of penalties the DPC imposed on Meta, including previous fines for matters related to data mishandling across its platforms such as Instagram and WhatsApp.

Meta’s settlement for facial recognition data lawsuit

The announcement regarding the Irish DPC’s fine for Meta comes shortly after the company agreed to a USD 1.4 billion settlement with Texas to resolve a lawsuit alleging that it illegally leveraged facial-recognition technology to collect biometric data from individuals without consent. Initially filed in 2022, the lawsuit was among the first substantial cases under Texas’ 2009 biometric privacy law, with the regulation enabling damages of up to USD 25,000 per violation. At that time, Texas alleged that Facebook gathered biometric data from photos and videos uploaded by users through a free, now-discontinued feature called Tag Suggestions.

Moreover, Texas officials highlighted that the settlement demonstrates the state’s commitment to challenging technology companies and holding them accountable for legal breaches of Texans’ privacy rights.

Source: Link


Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: regulation, data protection, data breaches, biometrics, biometric authentication
Categories: Payments & Commerce
Companies: Meta
Countries: Europe
This article is part of category

Payments & Commerce

Meta

|
Discover all the Company news on Meta and other articles related to Meta in The Paypers News, Reports, and insights on the payments and fintech industry: