Home > Technology > Irish Data Protection Commissioner investigates Facebook

Irish Data Protection Commissioner investigates Facebook

Written by Business World, on 4th Oct 2018. Posted in Technology

article headline

Facebook's lead regulator in the European Union, the Irish Data Protection Commissioner (DPC), on Wednesday began an investigation into a massive cyberattack on the social networking site disclosed by the company last week.

Facebook said on Friday that hackers had stolen login codes that allowed them to access nearly 50 million Facebook accounts, its worst-ever security breach given the unprecedented level of potential access.

"In particular, the investigation will examine Facebook's compliance with its obligation under the General Data Protection Regulation (GDPR) to implement appropriate technical and organizational measures to ensure the security and safeguarding of the personal data it processes," the DPC said in a statement.

Facebook spokeswoman Katy Dormer declined comment on the agency's review.

Under the new GDPR European privacy regulations, which came into effect in May, breaking privacy laws can result in fines of up to 4 percent of global revenue or 20 million euros, whichever is higher, as opposed to a few hundred thousand euros previously.

The DPC, which regulates a number of U.S. multinationals with European headquarters in Dublin, said Facebook informed it that their own internal investigation is ongoing and that the company continued to take remedial actions to mitigate the potential risk to users.

Facebook said on Tuesday that investigators had determined that the hackers did not access other sites that use the social networking site's single sign-on.

The U.S. Federal Trade Commission on Wednesday advised Facebook users to consider changing their passwords and be on the alert for "imposter scams" targeting them with data stolen from the social networking site.

"If someone calls you out of the blue asking for money or personal information, hang up," FTC attorney Lisa Weintraub Schifferle said in an alert posted on the agency's website.

Some security experts, including a former Facebook executive, said the company may have painted a worst-case scenario when it disclosed the attack on Friday to ensure compliance with the strict new European Union privacy rules.

GDPR imposes steep penalties if companies fail to follow rules that include a requirement that they disclose breaches within 72 hours of discovery. That is a tight window that security experts say does not give investigators adequate time to determine the impact of the breach.

Facebook's latest vulnerability had existed since July 2017, but the company first identified it on Tuesday of last week. (Reuters)

Source: www.businessworld.ie

More articles from Technology

image Description

Dublin fintech firm announces 20 new jobs

Read more
image Description

Global tech company to invest in Dublin

Read more
image Description

80% of Irish consumers plan to shop online this Christmas

Read more
image Description

Genesys creates 200 new tech jobs in Galway

Read more
image Description

Facebook to acquire Bank Centre currently occupied by AIB

Read more