ABC News reports that the DPC's inquiry, which began in 2019, discovered that Meta had unintentionally kept a "subset" of Facebook users' passwords in plain text, giving staff members access to them. Given that keeping passwords in plain text is often considered to be a violation of fundamental security procedures, this security protocol breach resulted in the heavy penalties.

As a normal procedure to protect user information, Deputy Commissioner Graham Doyle emphasized the significance of encrypting passwords to avoid abuse. Despite this oversight, Meta stated that it has not discovered any indications of password abuse or unauthorized access. After the occurrence, the firm acted quickly to correct the mistake and kept in constant contact with the DPC during the inquiry.

This amount is an addition to the DPC's prior judgments against Meta for data processing violations on many of its platforms, including WhatsApp and Instagram.