A European watchdog has fined Meta Platforms 17 million euros ($19 million) for violating EU privacy rules, after it failed to prevent a series of data breaches on its Facebook platform in 2018.

The Irish Data Protection Commission, the main EU privacy watchdog that monitors Meta, said it found Facebook “failed to take appropriate technical and organizational measures”.

Facebook became the first major test of the European Union’s General Data Protection Regulation in 2018 after the Irish watchdog opened an investigation into a breach affecting up to 50 million accounts. The investigation began in December of that year, looking at 12 Facebook hack notifications, including those caused by a software bug that gave third-party developers access to the photos of millions of users.