Ireland’s privacy regulator said Wednesday it has opened an investigation into Facebook after data on more than 500 million users was reportedly found dumped online, in a suspected violation of strict European Union privacy rules.
The Data Protection Commission said it decided to start investigating following “multiple international media reports” about the data dump.
News reports earlier this month said the data was found on a website for hackers and contained information on 533 million users from more than 100 countries, including names, Facebook IDs, phone numbers, locations, birthdates and email addresses.
The watchdog said it launched the investigation after it “engaged with Facebook Ireland,” questioning it about compliance with privacy rules. The company responded, the Irish agency said, suggesting it wasn’t satisfied with the answers.
Facebook said it’s “cooperating fully” with the investigation.
The company has previously downplayed the problem, saying “malicious actors” didn’t hack its systems but used automated software to scrape the data from Facebook’s platform.
The problem stemmed from a vulnerability, reported and fixed in 2019, in features that allow users to import contacts.
“These features are common to many apps and we look forward to explaining them and the protections we have put in place,” Facebook said in a statement.
Still, it’s another example of the vast amount of information collected by Facebook and other social media sites, and the limits to how secure that information is. And even though Facebook has patched the vulnerability, the user data is already out in the open and could be exploited by fraudsters.
Facebook, based in Menlo Park, California, has its European headquarters in Ireland, making that country’s watchdog its lead privacy regulator for the European Union under a system known as “one-stop shop.”
Irish regulators are already working on a dozen other investigations of Facebook and Instagram over suspected privacy breaches.
Related: Facebook Paid Out $50K for Vulnerabilities Allowing Access to Internal Systems
Related: Facebook Fails in Bid to Derail $15 Bn Privacy Suit
Related: Facebook Admits to Tracking Non-Users Across the Internet
Related: Apple to Press Ahead on Mobile Privacy, Despite Facebook Protests
More from Associated Press
- Idaho Hospitals Working to Resume Full Operations After Cyberattack
- Major Massachusetts Health Insurer Hit by Ransomware Attack, Member Data May Be Compromised
- Biden Picks New NSA Head, Key to Support of Ukraine, Defense of US Elections
- White House Unveils New Efforts to Guide Federal Research of AI
- Meta Fined Record $1.3 Billion and Ordered to Stop Sending European User Data to US
- China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud With United States
- ChatGPT’s Chief Testifies Before Congress, Calls for New Agency to Regulate Artificial Intelligence
- Philadelphia Inquirer Hit by Cyberattack Causing Newspaper’s Largest Disruption in Decades
Latest News
- In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack
- OpenAI Unveils Million-Dollar Cybersecurity Grant Program
- Galvanick Banks $10 Million for Industrial XDR Technology
- Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer
- US, South Korea Detail North Korea’s Social Engineering Techniques
- High-Severity Vulnerabilities Patched in Splunk Enterprise
- Idaho Hospitals Working to Resume Full Operations After Cyberattack
- Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals
