Ireland’s data regulator has opened a case into the cyber attack that allowed hackers to access up to 50m Facebook accounts. The Irish Data Protection Commission, which is responsible for regulating Facebook’s data processing activities in Europe, said it was “concerned that this breach was discovered on Tuesday and affects millions of users”.
The Irish regulator is preparing to launch a formal investigation under sweeping new European rules that expose the company to huge fines for serious data breaches.
It said at that time Facebook was “unable to clarify the nature of the breach and risk to users” and that it was pressing the company to “urgently clarify these matters”.
In a statement on Twitter on Monday evening, the commission said it understood the number of potentially affected EU accounts “is less than 10 per cent of the 50 million accounts in total potentially affected by the security breach”. This means about 5 million of the users affected by the breach may be in the EU.
“Facebook has assured us that they will be in a position to provide a further breakdown in relation to more detailed numbers soon,” the commission added.
Facebook says its data regarding the geographic location of its users is based on a number of factors, such as the user’s internet protocol (IP) address and “self-disclosed location”.
It says these factors may not always accurately reflect a user’s actual location.
Irish Times / FT
