Straitstimes.com header logo

Meta’s Irish arm fined $356m by watchdog over data breach

Sign up now: Get ST's newsletters delivered to your inbox

The breach was reported by Meta Platforms Ireland Limited (MPIL) in September 2018.

The breach was reported by Meta Platforms Ireland in September 2018.

PHOTO: REUTERS

Follow topic:

DUBLIN – Ireland’s Data Protection Commission fined Meta Platforms’ Irish arm €251 million (S$356 million) following two inquiries into a personal data breach that it said impacted 29 million users worldwide.

The breach was reported by Meta Platforms Ireland (MPI) in September 2018.

It impacted data including full names, e-mail addresses, phone numbers, posts on timelines and groups of which the user was a member, according to a statement by the watchdog on Dec 17.

Approximately three million of the users impacted were based in the European Union (EU) and European Economic Area, the statement added. 

The breach arose from the exploitation by unauthorised third parties of user tokens on Facebook, the statement added. It was remedied by MPI and its US parent company shortly after its discovery, it added. 

The Data Protection Commission found that the tech giant infringed General Data Protection Regulation rules by failing to document facts relating to breaches and the steps taken to remedy them.

It also noted that it failed in its obligations to ensure that, by default, only personal data necessary for specific purposes are processed, the statement said.

“We took immediate action to fix the problem as soon as it was identified, and we pro-actively informed people impacted as well as the Irish Data Protection Commission.

“We have a wide range of industry-leading measures in place to protect people across our platforms,” a Meta company spokesperson said in an e-mailed statement. 

Ireland’s watchdog already chided the platform in 2024, slapping it with a €91 million fine in September over an investigation into password storing by the company.

It only adds to a record €1.2 billion EU privacy fine that the tech giant was handed in 2023 by the same commission when it was accused of shipping users’ data to the US.

The fines are part of the EU’s broader big tech crackdown, which the Irish watchdog plays a large part in thanks to being the lead privacy regulator for some of the biggest tech companies with an EU base in the country.

The commission will publish the full decision and further related information in due course, it said. Meta said it will appeal the decisions. BLOOMBERG

More on this topic
Meta’s handling of personal data has been questionable
Facebook owner Meta Platforms seeks to stop privacy breach fine in Norway
See more on

E-paper

Newsletters

Podcasts

RSS Feed

About Us

Terms & Conditions

Privacy Policy

Need help? Reach us here.

Advertise with us

Download the app

Get unlimited access to exclusive stories and incisive insights from the ST newsroom
Subscribe Placeholder
MDDI (P) 046/10/2025. Published by SPH Media Limited, Co. Regn. No.202120748H. Copyright © 2025 SPH Media Limited. All rights reserved.