The Latest

Thousands of GDPR Data Breaches Reported

February 5, 2019

The European Union has revealed how many GDPR data breaches have been recorded since the introduction of the rules in May 2018. In less than a year, 41,502 data breaches have been reported to authorities across Europe.

Thousands of GDPR Data Breaches Reported

GDPR data breaches show extent of threat

The number of GDPR data breaches brings the frequency and level of attacks suffered by companies into light. Such incidents are worryingly common. GDPR compels organizations operating within Europe to report data breaches within 72 hours of the incident being discovered. These 40,000 are just those reported, it’s likely that some are still not coming forward promptly.

A European Commission statement said:

“We are already beginning to see the positive effects of the new rules. Citizens have become more conscious of the importance of data protection and of their rights. And they are now exercising these rights, as national Data Protection Authorities see in their daily work. They have by now received more than 95,000 complaints from citizens.”

More than GDPR data breaches

It’s not just the 40,000 or so GDPR data breaches reported that the legislation exposes. As the statement from the Commission highlights, some 95,000 complaints of data misuse have been made by citizens as well to relevant authorities.

Google in fact found itself in hot water on this data misuse front. The French authorities handed out the biggest fine in GDPR history. A record €50 million was dished out to the company. Google was charged with failing to provide adequate transparency, information and pursuit of consent for personalization of ads.

In an ideal world, it wouldn’t be the threat of fines and punishment from legislation like GDPR that would compel organizations to improve their cybersecurity. Good cybersecurity is its own reward, allowing business to function properly and safely, protecting themselves and their customers. But results like this in the first year of GDPR can only help improve the situation, by raising awareness of the requirements of organizations and delivering accountability.