The Irish Data Protection Commission took this initiative after this massive leak of information spread.
Ireland's Data Protection Commission (DPC) announced Wednesday is opening an investigation into Facebook following the disclosure of the data breach of more than 530 million users dating back to an identified vulnerability and solved in 2019. Everything indicates that the fault identified at that time allowed the leakage of information that, in these days, was known to be circulating and available on the network.
According to a released statement, the Irish regulator, competent because the social network has its European headquarters installed in this country, will investigate whether the computer giant complied with its control obligations. The entity claims to have been in contact with the social network as a result of this incident and believes that there may have been a violation of the General Data Protection Regulation (RGPD) of the European Union, something that must be determined within the framework of the investigation.
"We are fully cooperating with the investigation of the DPC," said a company spokesman, ensuring that the functions in question, which facilitate the search for users, are "common in many applications" and that the group "will explain the protections established."
The GDPR, launched in 2018, empowers regulators to protect consumers against data breaches that affect the right to privacy and security. In this sense, the regulation allows regulators to fine these groups up to 4% of their global turnover.
In the case of the company led by Zuckerberg, the Irish body had already warned last week that personal data "that appears to come from Facebook appeared on a freely accessible website this weekend that contains the data of 533 million people", including a "significant number of European users".
Among the leaked data are emails and phones. The DPC added that some of this information is from 2018, and others could be "more recent," adding that it had not received any advance notice from Facebook. Stolen data, including emails and phone numbers, expose you to "spamming for marketing purposes, but users should also be on the lookout for any services that require authentication with a phone number or email address, for if third parties try to access" the accounts in question, the regulator warned.
It is not the first time that data from millions of social network users has been published on the internet, which has almost 2,800 million users monthly. A company spokesperson said ten days ago that the data was "old" and that its leak "had already been reported in the media in 2019." "We identified and solved this problem in August 2019," he said.
The social network's reputation for data privacy was seriously tarnished by the Cambridge Analytica scandal, revealed in 2018, named after a British company that unauthorized use of the personal data of tens of millions of users of the famous site for political propaganda.
Facebook has other ongoing investigations with the DPC. One of its subsidiaries, the social network Instagram, has been under investigation in Europe since 2020 for handling the personal data of underage users. The regulator opened two separate procedures last month after receiving complaints that the phone numbers and email addresses of people under 18 were accessible to all network users.