In 2019, Meta faced a password storage lapse resulting in hundreds of millions of Facebook, Facebook Lite, and Instagram passwords being stored unprotected in plaintext on internal platforms. This lapse in data protection led to a substantial fine of €91 million by the Irish Data Protection Commission for violating the EU's General Data Protection Regulation. The exposure of such sensitive data posed a significant risk of abuse and unauthorized access to users' social media accounts, undermining user privacy and security.
Source: https://www.wired.com/story/nist-password-guidance-improvements/
"id": "met000092924",
"linkid": "meta",
"type": "Vulnerability",
"date": "9/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"