Facebook has been handed a £500,000 fine – the maximum amount possible – as a result of its part played in the Cambridge Analytica scandal.

According to the Information Commissioner, the fine relates to two breaches of the Data Protection Act.

The Information Commissioner’s Office (ICO) said Facebook failed to protect its users’ information and was not transparent about how the data was harvested by third parties.

Elizabeth Denham, the information commissioner, said Facebook had failed to provide the kind of protections they are required to under the Data Protection Act.

“Fines and prosecutions punish the bad actors, but my real goal is to effect change and restore trust and confidence in our democratic system,” Denham added.

The fine, although the maximum amount possible, is unlikely to dent Facebook’s finances. To put this into context, the tech giant made £500,000 in revenue every five and a half minutes during the first quarter of this year.

Due to the timing of the breaches, the ICO said it was unable to apply fines introduced by the European General Data Protection Regulation (GDPR). The new regulation caps penalties at the higher level of €20m (£17m) or 4% of global turnover – which in Mark Zuckerberg company’s case would amount to $1.9bn (£1.4bn).

Denham explained: “This was a very serious contravention, so in the new regime they would face a much higher fine.”

She spoke to BBC Radio 4’s Today programme and when asked whether the fine could now potentially amount to hundreds of millions of pounds, she said it could.

“This is not all about fines though … any company is worried about its reputation, because people want to feel that their data is safe.

“In 2014 and 2015, the Facebook platform allowed an app … that ended up harvesting 87m profiles of users around the world that was then used by Cambridge Analytica in the 2016 presidential campaign and in the referendum,” Denham added.

Facebook’s chief privacy officer Erin Egan spoke about the fine: “As we have said before, we should have done more to investigate claims about Cambridge Analytica and take action in 2015. We have been working closely with the ICO in their investigation of Cambridge Analytica, just as we have with authorities in the US and other countries. We’re reviewing the report and will respond to the ICO soon.”

Described by Denham as “the most important investigation that the ICO has ever undertaken”, the inquiry resulted in warning letters being sent to 11 political parties.