A Third of all GDPR Organizational Data Breaches are German
February 2019 │Omada
Germany Accounts for a Third of all Reported Organizational Data Breaches Since GDPR Started
To celebrate Data Protection Day 2019, the European Commission provided the first summary of GDPR since it came into effect on May 25th, 2018.
The summary states a total of 95,180 complaints have been received from individuals, with organizations self-reporting a total of 41,502 data breach notifications to their local Data Protection Authorities (DPA).
Article 33 of the GDPR states that responsible data processors must notify DPAs of a personal data breach within 72 hours, with some cases also requiring them to inform those it concerns.
Digging deeper into the numbers, German IT news site golem.de reports that its request for further information showed that 12,256 of these organizational data breaches originated in Germany alone.
Some of the reported violations include Germany’s biggest data hack yet - the December 2018 breach in which the details of almost 1,000 German politicians, celebrities, journalists and other prominent people were leaked via a Twitter account.
The number also includes the first German GDPR data breach involving chat provider Knuddels, which was punished with a fine of €20,000 after 808,000 email addresses and over 1.8 million usernames and passwords were exposed in a data breach.
Unfortunately, a full breakdown of the data breaches by topic was not available, due to a lack of statistics, but the numbers alone speak for themselves and point to the importance of having a robust Identity Governance and Administration (IGA) solution that can help minimize the risk of heavy fines and reputational damage.
From the total number of complaints in Europe, 255 investigations have now been launched by DPAs, with the high numbers resulting in the first major fines being imposed, like the recent €50 million one imposed by French authorities on Google Inc.
And with the Commission stating it intends to ensure Europe has “strong privacy rules at home” while “leading the way globally”, the number of organizations that might face a fine of 4% of annual worldwide revenue is sure to grow.
Make sure your organization is not next - implement effective monitoring and continuous evaluation of your data security now.