I thought this was gonna be some limited faux pas... but no. That's terrible.
If your company made a billion $ revenue per year, it'd have to pay $100k.
Doesn't feel like a great incentive to do it right.
If they improved debuggability by logging all requests to make the company more than 0.1 % efficient, it's a good deal for them.
(Yes I have read the fine is triggered by not informing the authorities in due time)
Interesting how the affected user is actually valuated…
Hashing and salting passwords isn't some newly introduced advanced rocket science, it's literally a 101-level "obvious" thing. How can a huge corporation like Meta/Facebook can do this is beyond my imagination.