[[{“value”:”
The Irish Data Protection Commission (DPC) fined Meta €91 million for “inadvertently” storing user passwords without cryptographic protection or encryption, closing a five-year-old case, according to a Friday press release.
The DPC investigation started in April 2019 after Meta’s Ireland entity notified the authorities in charge of regulating Facebook and Instagram parent in the EU.
The company had been storing social media users’ passwords in plain text in its internal databases, meaning they were available to thousands of employees, CNN reported at the time. Meta discovered the exposed passwords in a security review in January 2019, with millions of users affected.
The DPC submitted its draft decision to other EU and EEA authorities in June and received no objections.
“It is widely accepted that user passwords should not be stored in plaintext, considering the risks of abuse that arise from persons accessing such data,” said Deputy Commissioner at the DPC, Graham Doyle, in the press release.
Meta was found in breach of the General Data Protection Regulation (GDPR), specifically for not securing the passwords, failing to notify the authority, and not documenting the data breach.
https://energynewsbeat.co/investinoil/
Crude Oil, LNG, Jet Fuel price quote
ENB Top News
ENB
Energy Dashboard
ENB Podcast
ENB Substack
The post Irish DPC fines Meta €91 million over password management lapse appeared first on Energy News Beat.
“}]]