b2b-daily
Home | IT | Cyber Security

Why Was Meta Fined €251 Million for a 2018 Data Breach?

Avatar photo
by Paige Williams
December 20, 2024
Why Was Meta Fined €251 Million for a 2018 Data Breach?

In a significant event that underscores the growing emphasis on digital privacy, Meta, formerly known as Facebook, was slapped with a hefty €251 million ($263 million) fine by the European Union’s top data privacy regulator, the Irish Data Protection Commission (DPC). The fine, officially announced on December 17, 2024, was the outcome of a data breach that occurred in 2018, which impacted the personal data of nearly 30 million users. This breach exposed sensitive information, including full names, email addresses, phone numbers, locations, workplaces, dates of birth, religion, gender, Facebook posts, and group memberships.

Breach of General Data Protection Regulation (GDPR)

The DPC found multiple violations of GDPR, which is the stringent data protection law in the European Union. Meta was criticized for inadequate breach notification, poor documentation, failure to uphold data protection principles, and unnecessary data processing. More alarming was the exposure of children’s data, raising severe concerns about the company’s ability to ensure the privacy of its younger users. The incident had a global impact, with approximately 3 million victims hailing from the European Union and the European Economic Area.

It’s not the first time Meta found itself in hot water over data security lapses. Just three months prior, in September, the DPC fined Meta $100 million for exposing the plaintext passwords of about 600 million Facebook users. This violation was disclosed in 2019, thanks to the vigilant efforts of American security researcher Brian Krebs. Meta had admitted its failure to use cryptographic protection or encryption for these passwords, a clear breach of GDPR security standards, which require robust measures to protect personal data.

Implications of the Fine and Regulatory Scrutiny

This incident underscores the growing tension between tech giants and regulatory bodies concerning data protection. The DPC’s decision reflects an enforcement trend as authorities worldwide strive to hold companies accountable for safeguarding users’ personal information. The fine stands as one of the most significant penalties in recent years, emphasizing the critical importance of robust data security measures and user privacy in today’s digital landscape.

Regulation

Explore more

AI and Generative AI Transform Global Corporate Banking
March 20, 2026

The high-stakes world of global corporate finance has finally severed its ties to the sluggish, paper-heavy traditions of the past, replacing the clatter of manual data entry with the silent, lightning-fast processing of neural networks. While the industry once viewed artificial intelligence as a speculative luxury confined to the periphery of experimental “innovation labs,” it has now matured into the

Is Auditability the New Standard for Agentic AI in Finance?
March 20, 2026

The days when a financial analyst could be mesmerized by a chatbot simply generating a coherent market summary have vanished, replaced by a rigorous demand for structural transparency. As financial institutions pivot from experimental generative models to autonomous agents capable of managing liquidity and executing trades, the “wow factor” has been eclipsed by the cold reality of production-grade requirements. In

How to Bridge the Execution Gap in Customer Experience
March 20, 2026

The modern enterprise often functions like a sophisticated supercomputer that possesses every piece of relevant information about a customer yet remains fundamentally incapable of addressing a simple inquiry without requiring the individual to repeat their identity multiple times across different departments. This jarring reality highlights a systemic failure known as the execution gap—a void where multi-million dollar investments in marketing

Trend Analysis: AI Driven DevSecOps Orchestration
March 20, 2026

The velocity of software production has reached a point where human intervention is no longer the primary driver of development, but rather the most significant bottleneck in the security lifecycle. As generative tools produce massive volumes of functional code in seconds, the traditional manual review process has effectively crumbled under the weight of machine-generated output. This shift has created a

Navigating Kubernetes Complexity With FinOps and DevOps Culture
March 20, 2026

The rapid transition from static virtual machine environments to the fluid, containerized architecture of Kubernetes has effectively rewritten the rules of modern infrastructure management. While this shift has empowered engineering teams to deploy at an unprecedented velocity, it has simultaneously introduced a layer of financial complexity that traditional billing models are ill-equipped to handle. As organizations navigate the current landscape,