Meta

In 2019, Meta faced a password storage lapse resulting in hundreds of millions of Facebook, Facebook Lite, and Instagram passwords being stored unprotected in plaintext on internal platforms. This lapse in data protection led to a substantial fine of €91 million by the Irish Data Protection Commission for violating the EU's General Data Protection Regulation. The exposure of such sensitive data posed a significant risk of abuse and unauthorized access to users' social media accounts, undermining user privacy and security.

Source: https://www.wired.com/story/nist-password-guidance-improvements/

TPRM report: https://scoringcyber.rankiteo.com/company/meta

"id": "met000092924",
"linkid": "meta",
"type": "Vulnerability",
"date": "9/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Hundreds of millions',
                        'industry': 'Social Media',
                        'name': 'Meta',
                        'type': 'Company'}],
 'attack_vector': 'Internal Data Handling',
 'data_breach': {'number_of_records_exposed': 'Hundreds of millions',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Passwords'},
 'description': 'In 2019, Meta faced a password storage lapse resulting in '
                'hundreds of millions of Facebook, Facebook Lite, and '
                'Instagram passwords being stored unprotected in plaintext on '
                'internal platforms.',
 'impact': {'brand_reputation_impact': 'Undermining user privacy and security',
            'data_compromised': 'Passwords',
            'financial_loss': '€91 million fine',
            'identity_theft_risk': 'Significant risk of abuse and unauthorized '
                                   'access',
            'legal_liabilities': "Violation of EU's General Data Protection "
                                 'Regulation',
            'systems_affected': 'Internal platforms'},
 'regulatory_compliance': {'fines_imposed': '€91 million',
                           'regulations_violated': "EU's General Data "
                                                   'Protection Regulation'},
 'title': 'Meta Password Storage Lapse',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Unprotected plaintext password storage'}