EU Fines For GDPR Breaches Increase Fivefold

Uploaded on 2022-02-07 in FREE TO VIEW, BUSINESS-Services-Law

European data regulators issued €1.1 billion (£920 million) in General Data Protection Regulation (GDPR) fines last year, a 585% increase compared to 2020.  This is almost 20 times higher than the combined total of Q1 and Q2, and triple the total amount of fines in all of 2020. 

Leading law firm DLA Piper surveyed 27 EU member states, as well as the UK, Norway, Iceland, and Liechtenstein. The survey identified an 8% increase in GDPR breach notifications from 2020’s average of 331 notifications per day to 356 in 2021.

Since 28 January 2021, there have been over 130,000 notified personal data breaches in total, with the Netherlands having the most breach notifications per 100,000 people respectively. On the other end of the spectrum, Croatia, the Czech Republic, and Greece reported the fewest number of breach notifications per capita.

The highest GDPR fine to date is the one imposed by the Luxembourg National Commission for Data Protection (CNDP) for €746 million on the online based retailer, Amazon, the biggest fine so far for non-compliance with the GDPR. This is more than 14 times higher than the previous largest GDPR fine (EUR50 million) imposed by France on Google.

The UK came in sixth place with a £20m fine against British Airways for losing the financial and personal details of around 380,000 customers in a cyber-attack in 2018.

Since 28 January 2021, there have been over 130,000 personal data breaches notified to regulators - on average 356 breach notifications per day, an 8% increase on last year’s daily average of 331 notifications per day. 

Commenting on the survey findings, Ross McKean, chair of the UK Data Protection and Security Group said that although the nearly sevenfold increase in fines may grab the headlines, According to DLA Piper’s survey, the most common implications aren’t limited to fines and claims for compensation, but also service interruption caused by the suspension of data transfers, which McKean described as “much more damaging and costly”.”

EU Data Protection Board:      Bloomberg:      ITPro:     Pymnts:     DLA Piper:     RemarkBoard

You Might Also Read:   

The Effects Of GDPR On EU / US Relations:

 

« The Importance Of Securing OT Platforms
Spy Chief Warns US Government Is Classifying Too Much Data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Security Industry Association (SIA)

Security Industry Association (SIA)

The SIA's mission is to be a catalyst for success​ within the global security industry through information, insight and influence.

Quantivate

Quantivate

Quantivate is a provider of web-based Governance, Risk, and Compliance (GRC) software and service solutions.

HoxHunt

HoxHunt

HoxHunt is an automated cyber training program that transforms the way your employees react and respond to the growing amount of phishing emails.

Braintrace

Braintrace

Braintrace’s services include Managed Detection and Response (MDR), Managed SIEM, SIEM-as-a-Service, SOC-as-a-Service, Advisory Services, and Incident Response.

GM Security Technologies

GM Security Technologies

GM Security Technologies provides leading managed security services of the highest quality to every type of individual and organization in Puerto Rico, Caribbean and Latin America.

Vietnamese Security Network (VSEC)

Vietnamese Security Network (VSEC)

Vietnamese Security Network (VSEC) is an information security company providing website vulnerability scanning and monitoring services.

Binary Security AS

Binary Security AS

Binary Security is a Norwegian information security consultancy company. We are specialists at application security, penetration testing and secure code reviews.

Mobileum

Mobileum

Mobileum is a leading provider of Telecom analytics for roaming, security and risk management and end-to-end domestic and roaming testing solutions.

Indevis

Indevis

Indevis provides IT security, datacenter and network solutions, accompanied by professional consulting, management and support services.

National Security Services Group (NSSG)

National Security Services Group (NSSG)

National Security Services Group (NSSG) is Oman's leading and only proprietary Cybersecurity consultancy firm and Managed Security Services Provider.

Apono

Apono

Apono enables DevOps and security teams to manage access to sensitive cloud assets and data repositories in a frictionless and compliant way.

ViewQwest

ViewQwest

ViewQwest is a regional telecommunications & information technology services company. We specialize in providing Connectivity, Managed Network, Managed SD-WAN, and Managed Security solutions.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

Fulcrum IT Partners

Fulcrum IT Partners

Fulcrum IT Partners is the parent company of an expanding portfolio of established IT solution companies around the world with proven expertise in cyber security, cloud, and managed services.

CyberloQ Technologies

CyberloQ Technologies

CyberloQ Secure is a cybersecurity solution that enables clients to implement highly robust Multi-Factor Authentication (MFA) that includes client-defined location-based geofencing constraints.

CYBRI

CYBRI

CYBRI is a cybersecurity company helping businesses detect and remediate mission-critical vulnerabilities before they get exploited by hackers.