Ireland’s Data Protection Commission (DPC) on Friday fined Meta 91 million euros (around $101.5 million) for 2019 breach that exposed hundreds of millions of Facebook passwords.
The Irish regulator announced its final decision following an inquiry into Meta Platforms Ireland Limited (MPIL) which was launched in April 2019, after meta said it had inadvertently stored certain passwords of social media users in ‘plaintext’ on its internal systems (without cryptographic protection or encryption).
“It is widely accepted that user passwords should not be stored in plaintext, considering the risks of abuse that arise from persons accessing such data,” said Graham Doyle, deputy commissioner at the DPC.
“It must be borne in mind, that the passwords the subject of consideration in this case, are particularly sensitive, as they would enable access to users’ social media accounts,” Doyle added.