Irish DPC fines Meta $102M over GDPR violation linked to improper storage of passwords
By Jeff Dale2024-09-27T22:30:00
The Irish Data Protection Commission (DPC) fined Meta Ireland 91 million euros (U.S. $102 million) for multiple violations of the European Union’s General Data Protection Regulation (GDPR) related to the inadvertent storage of user passwords without encryption.
In 2019, Meta Platforms Ireland Limited (MPIL) notified the regulator and customers that “millions” of passwords were stored in “plaintext” on its internal systems, the Irish DPC announced in a press release Friday.
In June, a draft decision was handed down by other supervisory authorities, as required under Article 60 of the GDPR. On Wednesday, the Irish DPC notified MPIL of its decision to fine the social media giant over violations of Articles 5, 32, and 33 of the GDPR.