THE SOCIAL NETWORK Facebook could face a hefty $1.63bn (£1.25bn) GDPR fine in the wake of last week's mega-breach.
Although less than 10 per cent of the 50 million users affected by the recent breach lived in the European Union, according to the Irish Data Protection Commission (IDPC), Facebook still could be liable for up to $1.63bn in fines, or four per cent of its $40.7bn in annual global revenue for the previous financial year, if the EU determines it didn't do enough to protect users' security.
UPDATE Facebook data breach - @DPCIreland understands that the number of potentially affected EU accounts is less than 10% of the 50 million accounts in total potentially affected by the security breach. DPC Ireland statement beneath. #dataprotection #GDPR #EUdataP pic.twitter.com/oSfGy6DP2S— Data Protection Commission Ireland (@DPCIreland) October 1, 2018
So says the Wall Street Journal, which reports that the IDPC wants more information about the incident, including details on which EU citizens might have been affected.
The commission said it was "concerned at the fact that this breach was discovered on Tuesday and affects many millions of user accounts but Facebook is unable to clarify the nature of the breach and the risk for users at this point."
Facebook wrote in response to the IDPC's tweet (above) that "We're working with regulators including the Irish Data Protection Commission to share preliminary data about Friday's security issue. As we work to confirm the location of those potentially affected, we plan to release further info soon."
The breach, which Facebook announced on Friday after uncovering on Tuesday, saw hackers exploit a vulnerability in Facebook's code that impacted 'View As', a feature that lets people see what their own profile looks like to someone else.
This allowed the as-yet-unidentified attackers to access users' authentication tokens, which means they had access to personal details, including private messages, which would have been exposed to harvesting until Facebook forced a log-out.
As if that wasn't enough to convince you to delete your Facebook account, the company confirmed over the weekend that if any of the 50 million affected used their Facebook accounts to log into third-party sites - Spotify, Instagram, Tinder or Airbnb, to name but a few - data from those can easily have leaked too. µ
Report calls on UK gov to do more to support Brit businesses
Beta go give it a whirl
Your 2 Unlimited records never sounded (so) good
That's, um, £2,906 over two years