Meta Platforms' Irish Unit Fined $264 Million for Data Breach

Meta Platforms Inc (NASDAQ:META)'s Irish subsidiary has been fined €251 million ($264 million) by the Irish Data Protection Commission. The penalty follows two investigations related to a data breach that affected 29 million users worldwide, as announced by the regulatory body on Tuesday.

The breach reported by Meta Platforms Ireland Limited in September 2018 compromised data including full names, email addresses, phone numbers, timeline posts, and group memberships. The regulatory body also stated that approximately three million of the affected users were located in the European Union and European Economic Area.

The incident occurred after unauthorized third parties misused user tokens on Facebook. The issue was addressed shortly after it was discovered by Meta Platforms Ireland Limited and its parent company in the U.S.

The Irish Data Protection Commission found that Meta Platforms violated the General Data Protection Regulation (GDPR) rules. The tech company failed to document the facts regarding the breaches and the measures taken to address them. The regulatory body also noted that Meta Platforms did not fulfill its obligation to ensure that personal data was processed only for specific purposes by default.

In response to the fine, a spokesperson for Meta stated, "We took immediate action as soon as the issue was identified, and we proactively informed the affected individuals and the Irish Data Protection Commission. We have a leading set of measures in place to protect people across our platforms."