The European Union’s privacy regulatory authorities have imposed hefty fines totaling €251 million on Facebook’s parent company, Meta, following a lengthy investigation into a user data breach in 2018.

Hackers could access user accounts by exploiting vulnerabilities in the Facebook platform, allowing them to steal access tokens. This incident put millions of accounts at risk.

The Irish Data Protection Commission issued these fines, as Meta’s regional headquarters is located in Dublin. Following the investigations, several violations of the General Data Protection Regulation (GDPR), a stringent law enforced by the EU to protect data privacy, were uncovered.