Meta fined €91 million for storing Facebook and Instagram passwords in plain text

Meta has been fined €91 million by the Irish Data Protection Commission for storing users' Facebook and Instagram passwords in plain text. This security failure, discovered in 2019, violated multiple regulations under the EU's General Data Protection Regulation. The investigation revealed that Meta did not promptly notify authorities about the breach and lacked adequate security measures. The issue affected millions of users, with passwords exposed since at least 2012. In response to the fine, Meta stated it took immediate action to resolve the issue and informed the DPC. However, the commission emphasized that storing sensitive data like passwords in plain text is unacceptable.