Facebook under investigation following massive data breach
Irish regulator suspects Facebook is guilty of breaching data protection laws
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
The Irish Data Protection Commissioner will launch a formal investigation into theFacebook data breachthat saw the personal information of hundreds of millions of users exposed online.
The regulator was already in the process of examining claims the data was lifted as far back as 2019, but has now come to the conclusion that data protection laws may have been violated by the social media company.
In a statement, Facebook said it intends to cooperate fully with the investigation and looks forward to explaining the factors that led to the breach and the protections in place to shield user data.
Facebook data breach
Earlier this month, it emerged Facebook had suffered a large scale data incident that compromised the personal information of hundreds of millions of users from across the globe.
Made possible by a bug in the platform’s contact syncing feature, the leak is said to have affected 533 million users from 106 different countries, exposing users’ names, email addresses, phone numbers and more.
After the incident came to light, Facebookdrew further criticismfor refusing to notify the individuals whose data had been exposed, leaving people to investigate of their own accord. Asked to justify the decision, a spokesperson explained the company does not yet have a full understanding of the specific users caught up in the breach.
Facebook was also eager to clarify that the data was not stolen via hacking, but rather scraped from the platform. The company claims the attacker had abused a vulnerability that was identified and patched in 2019, which would suggest data housed on its platform today is not at immediate risk.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Nonetheless, the Data Protection Commission believes the company may have violated “one or more provisions of the GDPR and/or Data Protection Act” in its handling of user data.
“Accordingly, the commission considers it appropriate to determine whether Facebook Ireland has complied with its obligations, as data controller, in connection with the processing of personal data of its users,” said the regulator.
ViaBBC
Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
GoPro Max 2 hit by further delays – 2025 is the earliest we’ll see the 360-degree action cam
