Meta Fined $100M For Storing Over Half A Billion Passwords In Plaintext: Mark Zuckerberg-Led Company Reportedly Had 2000 Employees Querying Them 9M Times
Meta Fined $100M For Storing Over Half A Billion Passwords In Plaintext: Mark Zuckerberg-Led Company Reportedly Had 2000 Employees Querying Them 9M Times
The DPC concluded that Meta did not meet the GDPR's security standards, as the passwords were unencrypted, posing a risk of unauthorized access to users' social media accounts. The regulator also found that Meta failed to report the breach within the required 72-hour timeframe and did not properly document the incident.$Meta Platforms (META.US)$ has been fined €91 million ($101.5 million) by Ireland's Data Protection Commission (DPC) for a 2019 security breach.
$Meta Platforms (META.US)$ meta platforms因2019年的一起安防事件被愛爾蘭數據保護委員會 (DPC) 處以9100萬歐元(10150萬美元)的罰款。
What Happened: The DPC initiated an investigation in April 2019 under the General Data Protection Regulation (GDPR) after Meta, then known as Facebook, disclosed that "hundreds of millions" of user passwords were stored in plaintext on its servers.
事件經過:DPC在2019年4月根據《一般數據保護條例》 (GDPR) 啓動了一項調查,此前被稱爲Facebook的meta披露稱,在其服務器上以明文存儲了「數億」用戶密碼。
To make matters worse, the 600 million passwords stored in plaintext were reportedly accessed by 2,000 engineers at the company nearly nine million times.
更糟糕的是,以明文存儲的6千萬密碼據報道被公司的2000名工程師近900萬次訪問。
The DPC concluded that Meta did not meet the GDPR's security standards, as the passwords were unencrypted, posing a risk of unauthorized access to users' social media accounts. The regulator also found that Meta failed to report the breach within the required 72-hour timeframe and did not properly document the incident.
DPC得出結論稱meta未達到GDPR的安全標準,因爲密碼未加密,存在未經授權訪問用戶社交媒體帳戶的風險。監管機構還發現meta未能在規定的72小時內報告此次安全事故,並未正確記錄事件。
Deputy Commissioner Graham Doyle emphasized the sensitivity of the exposed passwords, noting the risks of abuse from unauthorized access.
副專員格雷厄姆·多伊爾強調了被曝光密碼的敏感性,指出未經授權訪問可能帶來的濫用風險。
This fine adds to Meta's history of GDPR penalties, highlighting ongoing privacy compliance issues. The €91 million penalty is significantly higher than the €17 million fine imposed in March 2022 for a separate 2018 breach.
這次罰款進一步凸顯了meta在GDPR處罰方面的歷史,突顯了持續存在的隱私合規問題。這項9100萬歐元的罰款比2022年3月因2018年另一起違規事件而處以的1700萬歐元罰款高得多。
Why It Matters: This latest fine is part of a series of penalties that Meta has faced over the years for privacy violations. In March 2022, the Irish government fined Meta $18.6 million for mishandling 12 data breaches between June 2018 and December 2018.
重要性:這項最新罰款是meta多年來因隱私違規而面臨的一系列處罰之一。2022年3月,愛爾蘭政府因meta在2018年6月至12月之間處理12起數據泄露事件不當而對其處以1860萬美元的罰款。
The DPC found that Meta failed to implement adequate security measures to protect EU users' data.
DPC發現,meta platforms未能實施足夠的 安防-半導體 措施來保護歐盟用戶的數據。
In January 2023, the Irish watchdog imposed a €390 million fine on Meta for user privacy violations. The penalty was related to Meta's handling of user data for personalized advertising, which was found to be in breach of GDPR regulations.
2023年1月,愛爾蘭監管機構對meta platforms因用戶隱私違規處以39000萬歐元的罰款。此處罰與meta platforms處理用戶數據用於個性化廣告有關,違反了GDPR法規。
More recently, in July 2023, Meta faced the threat of a $100,000 daily fine in Norway if it did not amend its privacy policies. The Norwegian Data Protection Authority imposed a three-month ban on Meta's behavioral advertising, with potential extensions by the European Data Protection Board.
更近期的是,2023年7月,如果meta platforms不修改其隱私政策,就將面臨挪威每日10萬美元的罰款。挪威數據保護局對meta platforms的行爲廣告施加了爲期三個月的禁令,歐洲數據保護委員會可對其進行延長。
Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.
免責聲明:本內容部分使用人工智能工具生成,並經Benzinga編輯審核發佈。
