Facebook may get $1.63 billion fine in EU due to recent hack

Victor Barreiro Jr.
Less than 10% of the total number of those affected – or some 5 million EU Facebook users – are hit by the attack on Facebook, according to a tweet from the Irish Data Protection Commission (IDPC)

MANILA, Philippines – The European Union may slap Facebook with a fine of up to $1.63 billion following the social media company’s disclosure that some 50 million users were affected by a hack, the Wall Street Journal reported Sunday, September 30 (October 1, Manila time).

Facebook disclosed on September 28 (September 29, Manila time) that attackers took advantage of 3 bugs on the service to take the access tokens of 50 million accounts. The access tokens allowed access to a user’s Facebook account and also allowed an attacker to potentially access accounts of app or service users who took advantage of Facebook’s Single Sign-on for logging into other services.

Facebook reset the access tokens of 90 million accounts in the process of fixing the issue, but will have to deal with the repercussions of the attack as the days progress.

Less than 10% of the total number of those affected – or some 5 million EU Facebook users – were hit by the attack on Facebook, according to a tweet from the Irish Data Protection Commission (IDPC).


 

In response to the tweet, Facebook said it was working with the IDPC to “share preliminary data about Friday’s security issue.”


 

The Wall Street Journal adds that the GDPR’s maximum fine is the higher of 20 million euros or 4% of the firm’s global annual revenue for the prior year.

Additionally, the GDPR mandates that the authorities be notified of discovered breaches within 72 hours. Those who fail to comply face an additional fine: 2% of worldwide revenue. Facebook did disclose the breach within the 72-hour deadline.

While the GDPR could push for a fine, Facebook receiving a penalty will depend on due diligence – whether the company adequately safeguarded users’ data prior to a hack, and whether it complied or cooperated with GDPR statutes.

Facebook may potentially have more liability as the GDPR recommends companies store as little data as possible.

In the US, Facebook is still under investigation by the Federal Trade Commission over the Cambridge Analytica scandal, which may see Facebook getting another fine of over $1 billion.

Fines for Facebook may ultimately depend on how badly governments and the people want answers for these missteps by companies who have our data in their pockets. – Rappler.com


Victor Barreiro Jr.

Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.