Meta, the parent company of Facebook and Instagram, has been fined $101.5 million by Ireland’s Data Protection Commission (DPC) for storing more than 600 million user passwords in plain text, leaving them exposed to internal access for more than a decade and violating the GDPR in the process.
The case goes back to 2019, when Facebook admitted that hundreds of millions of user passwords were being stored in plain text. The company confirmed that around 2,000 employees had made over 9 million queries against this data in the past.
The DPC’s investigation culminated in the recent fine. The company was found to have violated four sections of the GDPR, including delayed notification of the breach to the DPC.
Data Protection Commissioner Graham Doyle emphasized the severity of storing passwords in plain text, since they could have allowed unauthorized access to users’ social media accounts.
Although it is still unclear exactly which users were affected, Facebook stated in 2019 that most of the exposed plain text passwords were associated with Facebook Lite.
Meta is also facing a $1.3 billion fine for violating data protection laws related to the transfer of user data between the EU and the U.S.
This privacy scandal has significantly damaged Meta's reputation and led to a series of legal challenges and hefty financial penalties.
Given the substantial fines and regulatory pressure, Meta is expected to have made efforts to strengthen its data security.
Meta needs to take meaningful steps to rebuild trust and ensure the protection of user data going forward.
Meta's failure to protect stored passwords properly, together with its slow response in notifying authorities of the breach, were clear violations of the GDPR.