Instagram was charged €405 million (over $400 million) under the European Union General Data Protection Regulation due to a privacy breach of children’s data, including the spread of email addresses and phone numbers.

As per reports, the Meta-backed company has been fined for the third time by the Irish Data Protection Commission over security concerns. The investigation against Instagram started two years back, and a final decision was expected in the last week.

Instagram was accused of processing children’s privacy data for business accounts and on a user registration platform. Earlier, teen users’ (aged between 13 and 17) accounts were made ‘public’ by default, and they were easily targeted by ads and hacking methods.

Earlier this year, Meta planned to pull Instagram and Facebook in Europe over privacy regulations.