GDPR Data Breach Notifcations & Fines Are Increasing

Uploaded on 2020-01-28 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Law

Since the General Data Protection Regulation (GDPR) came into force in May 2018, the first year had about 247 breach notifications per day. In the time since, that has risen to an average of 278 notifications a day. 

Over 160,000 data-breach notifications have been made to authorities in the 18 months since Europe's new digital privacy regulation came into force and now the number of breaches and other security incidents being reported is on the rise.

The total cost of GDPR-related fines paid so far to be €114m Euro ($126m/£97m) and Google was penalised the largest fine, imposed by the French authorities, which was €50m Euros.

The UK Information Commissioner's Office has issued two larger fines relating to data-protection infringements, but currently neither of the organisations involved have come to a final agreement over the payments. Following what was described as an "extensive investigation", the ICO concluded that information was compromised by "poor security arrangements" at British Airways. At the time, the airline made it clear it wasn't happy with the fine, stating it was "surprised and disappointed".

Hackers breached Starwood Hotels in 2014; that hotel chain was subsequently purchased by Marriott in 2016, but the breach wasn't discovered and patched until 2018. A statement from Marriott at the time of the penalty notice said the company was "deeply disappointed" by the proposed fine and both Marriott and British Airways are appealing their fines.

Under GDPR, organisations can be fined up to four per cent of their annual turnover if they've been found to be irresponsible with security following a data breach.

The current analysis suggests that only 35% of Business are fully GDPR compliant. The maximum fine under the GDPR is up to 4% of annual global turnover or €20 million, whichever is greater, for organisations that infringe its requirements. 

Information Commisioner UK:          ZDNet:       ITGovernance:

You Might Also Read:

Few Businesses Are Ready For California’s New Consumer Data Privacy Law:

 

 

« Travelex Slowly Recovering From Ransomware Attack
Greece And Turkey In Conflict »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TBG Security

TBG Security

TBG provides a portfolio of services including cyber security, compliance and continuity solutions.

Endace

Endace

Endace is a leader in network visibility, network recording and packet capture solutions for security, network and application performance monitoring.

CNCERT/CC

CNCERT/CC

CNCERT is the national Computer Network Emergency Response Technical Team / Coordination Center of China.

MSAB

MSAB

MSAB is a pioneer in forensic technology for mobile device examination.

S2 Grupo

S2 Grupo

S2 Grupo is the benchmark company in Europe and Latin America, for Cyber Intelligence and mission critical systems operations.

ABL Cyber Academy

ABL Cyber Academy

ABL provide certified training courses in the field of cyber security and IT project management.

Secure Innovations

Secure Innovations

Secure Innovations is a cybersecurity firm dedicated to providing top-tier cyber security solutions for the Defense and the Intelligence Community.

Communications Authority of Kenya

Communications Authority of Kenya

The Authority is responsible for facilitating the development of the information and communications sectors including; broadcasting, telecommunications, electronic commerce and cybersecurity.

Canadian Institute for Cybersecurity (CIC)

Canadian Institute for Cybersecurity (CIC)

The Canadian Institute for Cybersecurity (CIC) is a comprehensive multidisciplinary training, research and development, and entrepreneurial unit.

Nuspire

Nuspire

Nuspire provide services to protect your network with best-in-class managed detection and response, allowing you to stay focused on managing your business.

Conduent

Conduent

Conduent delivers mission-critical technology services and solutions on behalf of businesses and governments. Solution areas include digital risk and compliance.

Clario Tech

Clario Tech

Clario is a simple, comprehensive, personalized protection app. It comes with a full suite of intelligent security software and intelligent people to help you live a better, safer digital life.

Hazy

Hazy

Hazy specialises in financial services, helping some of the world’s top banks and insurance companies reduce compliance risk.

Sixteenth Air Force (Air Forces Cyber)

Sixteenth Air Force (Air Forces Cyber)

Air Forces Cyber provides mission integration of Information Warfare at operational and tactical levels, creating dilemmas for adversaries in competition and, if necessary, future conflicts.

Advantio

Advantio

Advantio offers a unique combination of technologies and managed, advisory and testing services to increase your cyber resilience and compliance.

Plante Moran

Plante Moran

Plante Moran is a leading audit, tax, consulting, and wealth management firm. Areas of consulting expertise include cybersecurity.