GDPR Data Breach Notifcations & Fines Are Increasing

Uploaded on 2020-01-28 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law

Since the General Data Protection Regulation (GDPR) came into force in May 2018, the first year had about 247 breach notifications per day. In the time since, that has risen to an average of 278 notifications a day. 

Over 160,000 data-breach notifications have been made to authorities in the 18 months since Europe's new digital privacy regulation came into force and now the number of breaches and other security incidents being reported is on the rise.

The total cost of GDPR-related fines paid so far to be €114m Euro ($126m/£97m) and Google was penalised the largest fine, imposed by the French authorities, which was €50m Euros.

The UK Information Commissioner's Office has issued two larger fines relating to data-protection infringements, but currently neither of the organisations involved have come to a final agreement over the payments. Following what was described as an "extensive investigation", the ICO concluded that information was compromised by "poor security arrangements" at British Airways. At the time, the airline made it clear it wasn't happy with the fine, stating it was "surprised and disappointed".

Hackers breached Starwood Hotels in 2014; that hotel chain was subsequently purchased by Marriott in 2016, but the breach wasn't discovered and patched until 2018. A statement from Marriott at the time of the penalty notice said the company was "deeply disappointed" by the proposed fine and both Marriott and British Airways are appealing their fines.

Under GDPR, organisations can be fined up to four per cent of their annual turnover if they've been found to be irresponsible with security following a data breach.

The current analysis suggests that only 35% of Business are fully GDPR compliant. The maximum fine under the GDPR is up to 4% of annual global turnover or €20 million, whichever is greater, for organisations that infringe its requirements. 

Information Commisioner UK:          ZDNet:       ITGovernance:

You Might Also Read:

Few Businesses Are Ready For California’s New Consumer Data Privacy Law:

 

 

« Travelex Slowly Recovering From Ransomware Attack
Greece And Turkey In Conflict »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Okta

Okta

Okta is an enterprise-grade identity management service, built from the ground up in the cloud to address the challenges of a cloud-mobile-interconnected world.

Brinqa

Brinqa

Brinqa is a leading provider of unified risk management and security analytics.to manage IT governance and technology risk.

Maryman & Associates

Maryman & Associates

Maryman & Associates are specialists in computer forensic investigations, incident response and e-discovery services.

ID Quantique (IDQ)

ID Quantique (IDQ)

ID Quantique is a world leader in quantum-safe crypto solutions, designed to protect data for the long-term future.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

Netrix

Netrix

Netrix is a Mexican company specialized in IT Security, with more than 18 years of experience in Managed Services, Professional Services and Turnkey Solutions related to Security.

SwiftSafe

SwiftSafe

SwiftSafe is a cybersecurity consulting company providing auditing, pentesting, compliance and managed security services.

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp is the world’s largest network of multi-corporate backed accelerators helping startups scale internationally.

PSafe

PSafe

PSafe is a leading provider of mobile privacy, security, and performance apps. We deliver innovative products that protect your freedom to safely connect, share, play, express and explore online.

Avalanchio Technologies

Avalanchio Technologies

The Avalanchio platform gives you a complete solution to collect, process, and analyze security data to detect threats in real-time and analyze historical data using security DSL or SQL.

Vali Cyber

Vali Cyber

Vali Cyber was founded in 2020 with the mission of addressing the specific cybersecurity needs of Linux.

NexusTek

NexusTek

NexusTek is a managed IT services provider with a comprehensive portfolio comprised of end-user services, cloud, infrastructure, cyber security, and IT consulting.

Custocy

Custocy

Custocy is a unique collaborative AI technology that identifies sophisticated and unknown (zero-day) attacks.

RedArx Cyber Group

RedArx Cyber Group

At RedArx Cyber Group, our vision is to empower businesses with cutting-edge, proactive security solutions that safeguard their digital landscapes.

London School of Emerging Technology (LSET)

London School of Emerging Technology (LSET)

LSET's Cyber Security Unit is your premier destination for comprehensive cybersecurity education and training.

LabEx

LabEx

LabEx is an AI-Powered learning platform with labs spanning from Linux devops to web development and cybersecurity.