To ask the Secretary of State for Digital, Culture, Media and Sport, what discussions he has had with the Information Commissioner's Office on the Facebook data leak of 2019; how many UK Facebook users were informed of that leak; and whether UK users data remains compromised.
15 April 2021
The Information Commissioner’s Office referred the 2019 data leak to Facebook’s EU supervisory authority, the Data Protection Commission in Ireland, who announced in April 2019 that they were opening a Statutory Inquiry into the breach.
The Information Commissioner’s Office continues to work with and support its Irish counterpart to ensure that the data of UK citizens is protected.
The government has made it clear that all organisations, especially large global tech firms who process vast amounts of personal data, must comply with the UK’s data protection legislation, which poses strict obligations on organisations to ensure that UK citizens’ data is processed safely, securely and transparently. Organisations which fail to comply with the legislation may be investigated by the Information Commissioner’s Office and subject to increased fines.
The National Cyber Security Centre recommends that members of the public who are concerned that their email and/or phone number may have been leaked in the 2019 breach and any other data breaches should check the website https://haveibeenpwned.com/ This website has been supported by the National Cyber Security Centre in the past. Further advice on what action to take in the event of a data breach, can be found at: https://www.ncsc.gov.uk/guidance/data-breaches