Irish regulator opens Facebook data breach investigation

FILE - In this March 29, 2018, file photo, the logo for Facebook appears on screens at the Nasdaq MarketSite in New York's Times Square. Ireland's data regulator has launched an investigation of Facebook over a recent data breach that allowed hackers access 50 million accounts which could potentially cost Facebook more than $1.6 billion in fines. The Irish Data Protection Commission said Wednesday, Oct. 3, 2018 that it will look into whether the U.S. social media company complied with European regulations that went into effect earlier this year covering data protection. Facebook didn't immediately return a request for comment. (AP Photo/Richard Drew, File)

LONDON — Ireland's data regulator has launched an investigation of Facebook over a recent data breach that allowed hackers access to 50 million accounts. The probe could potentially cost Facebook more than $1.6 billion in fines.

The Irish Data Protection Commission said Wednesday that it will look into whether the U.S. social media company complied with European regulations that went into effect earlier this year covering data protection.

It's the latest headache for Facebook in Europe, where authorities are turning up the heat on dominant tech firms over data protection. Last month, European Union consumer protection chief Vera Jourova said that she was growing impatient with Facebook for being too slow in clarifying the fine print in its terms of service covering what happens to user data and warned that the company could face sanctions.

The commission said in a statement that it would examine whether Facebook put in place "appropriate technical and organizational measures to ensure the security and safeguarding of the personal data it processes."

The commission said earlier this week the number of EU accounts potentially affected numbered less than 5 million.

Ireland, which is Facebook's lead privacy regulator for Europe, is moving swiftly to investigate the U.S. tech company since the breach became public on Friday.

Facebook said Friday attackers gained the ability to "seize control" of user accounts by stealing digital keys the company uses to keep users logged in. They could do so by exploiting three distinct bugs in Facebook's code.

The company said it has fixed the bugs and logged out the 50 million breached users — plus another 40 million who were vulnerable to the attack — in order to reset those digital keys. Facebook said it doesn't know who was behind the attacks or where they're based. Neither passwords nor credit card data was stolen. At the time, the company said it alerted the FBI and regulators in the U.S. and Europe.

Facebook on Wednesday didn't immediately return a request for comment.

Facebook has faced a tumultuous year of security problems and privacy issues . News broke early this year that a data analytics firm once employed by the Trump campaign, Cambridge Analytica, had improperly gained access to personal data from millions of user profiles. Then a congressional investigation found that agents from Russia and other countries have been posting fake political ads since at least 2016. In April, Zuckerberg appeared at a congressional hearing focused on Facebook's privacy practices.

The European Union implemented stronger data and privacy rules, known as General Data Protection Regulation, in May.

The case could prove to be the first major test of GDPR. Under the new rules, companies could be hit with fines equal to 4 percent of annual global turnover for the most serious violations. In Facebook's case, that could amount to more than $1.6 billion based on its 2017 revenues.

The new rules also require companies to disclose any breaches within 72 hours. The commission said Facebook informed it that its internal investigation is continuing and that it is taking actions to "mitigate the potential risk to users."

__

AP Technology Reporter Mae Anderson in New York contributed to this report.

You may also interested in

US strikes on Syria keep a lid on global stocks...

Apr 7, 2017

Soft U.S. jobs data and the decision by President Donald Trump to authorize the firing of U.S....

Log in, look out: Cyber chaos may grow at...

May 15, 2017

Employees booting up computers at work Monday could see red as they discover they're victims of a...

An alert researcher, teamwork helped stem huge...

May 14, 2017

An alert researcher, a cheap domain name, cross-ocean cooperation helped stem effects of cyberattack

Study: Taking abortion pill at home as safe as in...

May 17, 2017

Medical abortions done at home with online help and pills sent in the mail appear to be just as...

Sweden drops case but WikiLeaks' Assange is not...

May 19, 2017

Swedish prosecutors have dropped their investigation into a rape allegation against Julian Assange,...

Sign up now!

About Us

Future Science Today reports on captivating developments in science, medicine, technology, and the world around us.

Contact us: sales[at]futuresciencetoday.com