The Irish Data Protection Commission announced Wednesday the launch of an investigation into Facebook over a recent data breach that allowed access to 90 million accounts worldwide.
The privacy watchdog said it will look into whether the social media giant complied with European regulations covering data protection that went into effect earlier this year. Further, the commission said in a statement that it would examine whether Facebook put in place “appropriate technical and organizational measures to ensure the security and safeguarding of the personal data it processes.” Earlier this week, the commission revealed the number of EU accounts potentially affected numbered less than 5 million. Ireland, which is Facebook’s lead privacy regulator for Europe, is moving swiftly to investigate the Silicon Valley behemoth since the breach became public on September 28.
“Since discovering the data breach, the company reset the digital access codes of the nearly 50 million accounts affected. It’s also, as a precaution, resetting that information for another 40 million accounts, meaning about 90 million people will need to go through a formal log-in process with Facebook now,” Politico reports.
“We patched the issue last night and are taking precautionary measures for those who might have been affected,” Facebook CEO Mark Zuckerberg told reporters earlier this week. “In the interest of transparency, we want to share everything we know now.”
European Union lawmakers appear set this month to demand audits of Facebook by Europe’s cybersecurity agency and data protection authority in the wake of the Cambridge Analytica scandal. A draft resolution submitted last Thursday to the E.U. Parliament’s civil liberties and justice committee urged Facebook to accept “a full and independent audit of its platform investigating data protection and security of personal data.”
Claude Moraes, the chairman of the E.U. parliamentary committee who drafted the resolution, affirmed the investigations “need to be done.” “Not only have Facebook’s policies and actions potentially jeopardized citizens’ personal data, but then they have also had an impact on electoral outcomes and on the trust citizens pose in digital solutions and platforms,” Moraes said in a statement.
The committee aims to adopt the resolution, which will almost certainly be modified, by October 10 and put it to the full assembly for endorsement in late October, well ahead of E.U. elections next May. The resolution also urges European justice authorities to investigate any alleged “misuse of the online political space by foreign forces,” and calls on the E.U.’s executive Commission to propose ways to boost the powers of Europe’s public prosecutor’s office so it can tackle crimes against electoral infrastructure.
It notes “with regret” that Facebook did not send staff with the right technical knowledge to answer lawmakers’ questions and “points out that such an approach is detrimental to the trust European citizens have in social platforms.” Zuckerberg was questioned in Brussels on May 22, however, lawmakers used up most of the speaking time with their own remarks, leaving Facebook’s CEO with little time to respond.
The Associated Press contributed to this report.