Ireland fines Meta over 250 million euros over Facebook hacks

An Irish regulator helping police European Union (EU) data privacy said Tuesday it had fined Facebook-owner Meta 251 million euros ($263 million) for a data protection failure that saw Facebook accounts hacked.

The Data Protection Commission (DPC) criticised Meta for a security flaw in its video upload function which hackers were able to exploit to gain full access to other users' Facebook profiles.

Over a two-week period in 2018, unauthorised users were able to hack into around 29 million Facebook accounts globally.

Stay up to date with the latest news. Follow KT on WhatsApp Channels.

The personal data involved included email addresses, phone numbers, locations, and places of work.

"The failure to build in data protection requirements throughout the design and development cycle can expose individuals to very serious risks and harms, including a risk to the fundamental rights and freedoms of individuals," said Graham Doyle, the regulator's head of communications.

"By allowing unauthorised exposure of profile information, the vulnerabilities behind this breach caused a grave risk of misuse of these types of data," he added.

Meta Ireland and its US parent company remedied the breach shortly after its discovery, the DPC said, and reported the issue to the regulator in September 2018.