Meta fined over password security violation

Tuesday 1 October 2024 09:11 CET | News

US-based multinational technology corporation Meta has been fined USD 102 million by the Irish DPC over not encrypting user passwords.

Coming as another penalty for Meta under the EU’s privacy regulations, the breach was discovered in a DPC investigation, initiated in 2019, and revealed that the company inadvertently stored a subset of Facebook users’ passwords in plain text, which allowed employees to access them. Meta’s violation of security protocols led to the fine, considering that storing passwords in plain text is believed to neglect basic security measures.

Meta fined over password security violation

When commenting on the announcement, representatives from the regulatory body underlined the importance of encrypting passwords to prevent abuse, which is a standard practice in protecting user information. Even if this lapse was reported, Meta mentioned that it found no evidence of misuse or improper access to these passwords. In addition, the company responded promptly to the incident, remedying the error and maintaining constant communication with the DPC throughout the investigation.

The current fine comes as an addition to a series of penalties the DPC imposed on Meta, including previous fines for matters related to data mishandling across its platforms such as Instagram and WhatsApp.

Meta’s settlement for facial recognition data lawsuit

The announcement regarding the Irish DPC’s fine for Meta comes shortly after the company agreed to a USD 1.4 billion settlement with Texas to resolve a lawsuit alleging that it illegally leveraged facial-recognition technology to collect biometric data from individuals without consent. Initially filed in 2022, the lawsuit was among the first substantial cases under Texas’ 2009 biometric privacy law, with the regulation enabling damages of up to USD 25,000 per violation. At that time, Texas alleged that Facebook gathered biometric data from photos and videos uploaded by users through a free, now-discontinued feature called Tag Suggestions.

Moreover, Texas officials highlighted that the settlement demonstrates the state’s commitment to challenging technology companies and holding them accountable for legal breaches of Texans’ privacy rights.

Source: Link

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords:	regulation, data protection, data breaches, biometrics, biometric authentication
Categories:	Payments & Commerce
Companies:	Meta
Countries:	Europe

This article is part of category

Payments & Commerce

::: more

Free Headlines	::: subscribe now
RSS	::: follow ThePaypers via RSS ::: connect
LinkedIn	::: connect with ThePaypers on LinkedIn ::: connect
Twitter	::: follow ThePaypers on Twitter ::: follow
Facebook	::: like ThePaypers on Facebook ::: like

Meta fined over password security violation

Meta’s settlement for facial recognition data lawsuit

Free Headlines in your E-mail

Payments & Commerce

Meta

Discover all the Company news on Meta and other articles related to Meta in The Paypers News, Reports, and insights on the payments and fintech industry:

Voice of the Industry

3-D Secure findings highlight missed opportunities for online merchants

eIDAS2: compliance requirements or growth opportunities? (Part 2)

Chile: 2024 analysis of payments and ecommerce trends

Ecommerce's hidden foe: the fight against card-not-present fraud

Part 1: Uncovering the untapped customer opportunity in eIDAS2

Interviews

The role of SEPA Inst in Verification of Payee (VoP)

How cloud modernisation is accelerating payments innovation

New CFPB rule on consumer data: Open Banking in the US

Assessing European fintechs in 2024: resilience, shifting focus, and emerging trends

The advantages of an accountable fraud provider to deter ecommerce fraud

Industry Events

The Paypers

This Site

Contact Information

Legal Information