Meta Fined $102 Million For Storing 600 Million Passwords In Plain Text (appleinsider.com) 13
Meta has been fined $101.5 million by the Irish Data Protection Commission (DPC) for storing over half a billion user passwords in plain text for years, with some engineers having access to this data for over a decade. The issue, discovered in 2019, predominantly affected non-US users, especially those using Facebook Lite. AppleInsider reports: Meta Ireland was found guilty of infringing four parts of GDPR, including how it "failed to notify the DPC of a personal data breach concerning storage of user passwords in plain text." Meta Ireland did report the failure, but only some months after it was discovered. "It is widely accepted that user passwords should not be stored in plaintext, considering the risks of abuse that arise from persons accessing such data," said Graham Doyle, Deputy Commissioner at the DPC, in a statement about the fine. "It must be borne in mind, that the passwords the subject of consideration in this case, are particularly sensitive, as they would enable access to users' social media accounts."
Other than the fine and an official reprimand, the full extent of the DPC's ruling is yet to be released publicly. The details published so far do not reveal whether the passwords included any of US users as well as ones in Ireland or across the rest of the European Union. It's most likely that the issue concerns only non-US users, however. That's because in 2019, Facebook told CNN that the majority of the plain text passwords were for a service called Facebook Lite, which it described as being a cut-down service for areas of the world with slower connectivity.
Other than the fine and an official reprimand, the full extent of the DPC's ruling is yet to be released publicly. The details published so far do not reveal whether the passwords included any of US users as well as ones in Ireland or across the rest of the European Union. It's most likely that the issue concerns only non-US users, however. That's because in 2019, Facebook told CNN that the majority of the plain text passwords were for a service called Facebook Lite, which it described as being a cut-down service for areas of the world with slower connectivity.
I'm shocked! (Score:3)
Everybody with a three-figure IQ understands that Meta has no respect for anyone's privacy or security except Zuckerberg's. Why would anybody be surprised when he rubs our noses in it by storing passwords in plain text?
Cost of Doing Business? (Score:3)
Re: (Score:2)
Isn't Ireland already getting plenty of money? (Score:2)
Zucks not apologizing (Score:2)
Zuck has already said that he's sorry he ever apologized for anything Facef did so don't expect an apology.
Seriously? (Score:3)
"It must be borne in mind, that the passwords the subject of consideration in this case, are particularly sensitive, as they would enable access to users' social media accounts."
Since when are social media account passwords "particularly sensitive". It's online bullshitting. It is not your bank account.
Fine 'em for the violation... but don't BS us about how important social media accounts are -life goes on without them, otherwise being banned would be a crime.
Re: (Score:2)
You can use facebook to log into a number of other accounts these days, including ones with payment systems.
Re: (Score:2)
Obviously not punitive (Score:3)
Feels weird (Score:2)