Data Protection Commission launch probe into Facebook data breach
The Data Protection Commission has begun an investigation into last week’s Facebook data breach, in which around 50 million accounts were affected.
The commission said the investigation would examine the company’s compliance under GDPR to ensure the security of the personal data it processes.
It said that Facebook was continuing its own internal investigation into the breach.
The company said it was continuing to take remedial actions to mitigate the potential risk to users.
Facebook has said that around 50 million accounts were hit in last week’s data breach.
The Data Protection Commission said on Monday that it understands up to five million of the accounts that were hit were from the EU.
UPDATE Facebook data breach – @DPCIreland understands that the number of potentially affected EU accounts is less than 10% of the 50 million accounts in total potentially affected by the security breach. DPC Ireland statement beneath. #dataprotection #GDPR #EUdataP pic.twitter.com/oSfGy6DP2S
— Data Protection Commission Ireland (@DPCIreland) October 1, 2018
Facebook has assured the commission that it would be in a position to provide a more detailed breakdown of affected accounts soon.
It remains unclear how many accounts hit by the breach were in Ireland.
The issue arose when attackers exploited a vulnerability in the social network’s code for “View As” – a feature that lets people see what their own profile looks like to someone else.
This enabled them to steal access tokens, which they could then use to take over people’s accounts, the company said.
— Data Protection Commission Ireland (@DPCIreland) October 3, 2018
Former GP surgery secretary fined for reading medical records of 231 patients in two years
House viewers asked to hand over social media accounts and PPS numbers