Ireland launches inquiry on data leak notice by Facebook, 500 million users effected

Facebook Inc is currently facing an inquiry from Ireland's Data Protection Commission (DPC) over complaints of data leaks by "malicious actors". The DPC started an inspection after reports surfaced of personal data leaks of more than 500 million Facebook users across the world. Last week, in a blog post, Facebook said that hackers removed data from the site prior to 2019. Facebook has also claimed that the company made changes in its settings after they find out about the illegal activity.

The social media platform further wrote that the practice of scrapping is 'common'. 

"Prior to September 2019, malicious actors scraped public information from more than 530 million Facebook users and put it in databases that are hosted off Facebook. Scraping is a common tactic that often relies on automated software to lift public information from the Internet that can end up being distributed in online forums," added Facebook. 

After Facebook provided the information it was found that one or more regulations of EU's General Data Protection Regulation's (GDPR) and/or Data Protection Act 2018 have been violated. The protocols are breached in relation to Facebook users' personal data. Facebook in its post further explained that a loophole in the application was used to operate the information. 

Facebook on-board with investigation

It has been reported that Facebook officials are cooperating with the investigation and are expected to explain what features led to the exploitation. According to the social media application, the information which was "public" has been scrapped. The blog post further explains how to keep a check of settings in the application to know about what is getting shared publicly. 

Europian Union DPC

The DPC is the regulator of the European Union that monitors technological giants including Facebook, Apple, Google, and others. The GDPR's EU headquarters are located in Ireland. Facebook had earlier reported large-scale wrapping cases between June 2017 and April 2018 by that time GDPR rules did not exist. The regulators have informed that the current data leak might be comprised with 2018 dataset and added more records. Last year, DPC had launched more than 27 inquiries to US technology firms that also included Facebook, Whatsapp, and Instagram subsidiaries.