Foundation SOMI starts collective investigation into 533 million leaked Facebook accounts

As of today, the SOMI Foundation makes it possible for all European consumers to check via its SOMI app whether they have become a victim of the Facebook leak from April this year. It can also be seen which of their personal data is circulating on the dark web.

This article was published on 1st September 2021 on Emerce in the Netherlands. Please find the English translation below.

In total, data of more than 533 million Facebook accounts were leaked in April, including at least 5.4 million Dutch accounts.

After checking their own data, consumers can participate in a possible collective claim against Facebook, which requires the collection of evidence of a violation of the GDPR from the data breach.

The foundation is therefore offering a total of 10,000 euros to anyone who can prove with their personal data that Facebook has violated the GDPR.

The Facebook leak from April this year contains data from 533 million accounts from around the world, including 96.7 million accounts from Europe and 5.4 million from the Netherlands. The stolen personal data is now circulating on the dark web. Almost all leaked accounts contain a telephone number, but the e-mail address of more than 2.5 million accounts was also leaked.

Although Facebook has acknowledged the leak, the victims were not personally notified. At the time, the company reasoned that it was an old leak.

According to the SOMI foundation, Facebook may have violated the General Data Protection Regulation (GDPR) by failing to inform its users about the leak in a timely and adequate manner. Although most data has been collected via 'scraping', in which data has been extracted from public profiles, this does not seem to apply to all data.

Click here for the original article on (in Dutch)