If You Think Data Breaches Don’t Cost Money, You’d Be Mistaken

Facebook is in the news again, which shouldn’t be a surpriseFacebook charged maximum amount by ICO to anyone that has gone on the internet recently (or read a newspaper). The two stories are as follows:

  1. Facebook was fined the maximum amount -£500,000 or $645,000-by the UK's Information Commissioner's Office (ICO) for the Cambridge Analytica data breach.
  2. Presumably because of the recent data breach scandal’s, Facebook is on the hunt to acquire a major                                                            cyber-security firm.

Download Disaster Recovery as a Service (DRaaS): The Ultimate eBook

Download Disaster Recovery as a Service (DRaaS): The Ultimate eBook

ICO Fines Facebook the Max Amount

Let’s start with the fine. $645,000 is nothing to sneeze at, but taking a look at the bigger picture is important too. While Facebook’s global revenue was upwards of $40 billion last year, nearly $700k is still a huge sum of money, that certainly garners attention. But what is more important to note here is that the ICO WOULD have fined the social media powerhouse a larger amount if they had been allowed. Because the General Data Protection Regulation (GDPR) was not in place when the breach occurred, they weren’t able to charge the 4% of global turnover, which for Facebook would have been $1.6 billion.


The ICO filed a 27-page penalty notice against Facebook in which they lay out all of the details of the incident, and the reason for the penalty. By Facebook’s own admission more than 87 million users were affected worldwide during the Cambridge Analytica data breach. Information Commissioner Elizabeth Denham said: “Facebook failed to sufficiently protect the privacy of its users before, during and after the unlawful processing of this data. A company of its size and expertise should have known better and it should have done better.” And she went on to say that: “One of our main motivations for taking enforcement action is to drive meaningful change in how organizations handle people’s personal data.” The ICO believes that Facebook was neglectful with its security, and didn’t protect its users which lead them to their decision to enforce the maximum punishment.

Facebook Wants to Acquire a Cyber-security Firm

Now let’s dive into the second (and more positive) reason they are in the news: seeking to acquire a cybersecurity firm. This news comes weeks after Facebook’s most recent scandal in which the data of approximately 30 million users was compromised, and they received a lot of backlash. That isn’t a new feeling for Facebook, however, as the last several months have brought about much scrutiny between the two data breaches. It does appear that they are taking a step in the right direction by possibly acquiring a firm that specializes in cyber-security. Facebook is good at many things, but it appears one of the most critical aspects of running a social media giant (protecting your user’s data), is not their strong suit.  According to sources, Facebook has a team in place that is attempting to beef up their cyber-security, in addition to reaching out to multiple firms about a possible acquisition.  

What Does this Mean?

In the current world we live in, the idea of security and privacy feels more elusive each day. Organizations are trying to figure it out, but it’s a fine line to walk. We want our data online, and in the cloud, but we don’t want anyone else to have access to it. Privacy and security used to mean a lock on your front door, and an unlisted phone number. Now, your phone number is listed, your front door is electronic and can be hacked, and your personal information is online with companies that have data breaches. This can feel very scary and a little like, “is technology worth it?”. But we promise it is, because on the flip side of this there are a lot of benefits. You can have your business hacked and with a predictable cloud provider have it backed up and restored; if you lose your keys, just type in the code to get in your house; if you want to see pictures of your new grandchild that lives across the country there is no waiting, just look in your text message application, or even better, feel like you’re there on a video call. Technology can be scary, but it has also provided some of the greatest benefits our world has seen.

Facebook as we learned above made over $40 billion last year, so they have the money to throw at huge cyber-security firms, and their own private cloud with hundreds of employees to run it. But for smaller and medium-sized organizations, relying on in-house security to manage a private cloud can make it hard to keep up with the latest types of malware, and security attacks. A Virtual Private Cloud (VPC) hosted by a predictable provider may be the answer.

If you are looking to protect critical data, or just want more information on the cloud, reach out to speak with one of our IT experts today. DSM, Florida’s predictable cloud provider, can take care of all your data protection needs. With cyber-attacks on the rise, it’s critical to make sure your business isn’t the next victim.

DRaas: Everything You Need to Know

Related posts