Ankara, May 11: Turkey’s Personal Data Protection Authority has fined Facebook 1.65 million Turkish liras ($280,000) over data breach.
About 300,000 users in Turkey may have been affected by the data breach that exposed their personal photos in September last year.
According to the Turkish watchdog, Facebook failed to timely intervene to take proper technical and administrative measures during the 12-day existence of the bug last September.
According to a statement from Facebook in December, the company had discovered a photo API bug that allowed third-party applications to access the photos of Facebook users, reports Xinhua news agency.
At the time, Facebook said that the bug “might have exposed the non-public photos of 6.8 million users to around 1,500 apps built by 876 developers”, reports ZDnet.
The watchdog said it decided to fine the social network for failing to react in a timely manner and fix the bug, but also for neglecting to notify Turkish authorities of the incident.
The Turkish watchdog is also investigating Facebook for a September 2018 data breach, when unknown hackers exploited three bugs to steal the personal details of 50 million users — later adjusted to 30 million.
In March, Facebook disclosed yet another security incident, admitting to storing hundreds of millions of users’ passwords in plaintext, along with plaintext passwords for millions of Instagram accounts.
In the US, Facebook is facing a hefty fine from the Federal Trade Commission over data privacy scandals.
Facebook expects the fine to be in the range of $3-5 billion and has kept aside $3 billion in legal expenses related to the investigation.