Irish regulator fines Meta $276 mn over data leak that also hit Indian users

The Data Protection Commission (DPC) in Ireland has fined Meta $276 million over a data leak that exposed the information of more than 533 million users, including 6.1 million Indians, in April 2021.

The commission announced the conclusion to an inquiry into Meta Platforms Ireland Limited (MPIL), data controller of the "Facebook" social media network, imposing a fine and a range of corrective measures.

The DPC commenced the inquiry "on foot of media reports into the discovery of a collated dataset of Facebook personal data that had been made available on the internet."

"The decision records findings of infringement of Articles 25(1) and 25(2) GDPR. The decision imposed a reprimand and an order requiring MPIL to bring its processing into compliance by taking a range of specified remedial actions within a particular timeframe," the DPC said in a statement late on Monday.

In April 2021, personal data of nearly 533 million (53.3 crore) Facebook users, including 61 lakh Indians, emerged online after a hacker posted the details on a digital forum.

The leaked data included Facebook ID numbers, profile names, email addresses, location information, gender details, job data, and other details.

Facebook had said this was old data that it previously reported on in 2019.

According to media reports, the leaked data included Meta Founder and CEO Mark Zuckerberg's phone number, Facebook user ID, and details like location, marriage details and birth dates.