EU Fines For GDPR Breaches Increase Fivefold

Uploaded on 2022-02-07 in FREE TO VIEW, BUSINESS-Services-Law

European data regulators issued €1.1 billion (£920 million) in General Data Protection Regulation (GDPR) fines last year, a 585% increase compared to 2020.  This is almost 20 times higher than the combined total of Q1 and Q2, and triple the total amount of fines in all of 2020. 

Leading law firm DLA Piper surveyed 27 EU member states, as well as the UK, Norway, Iceland, and Liechtenstein. The survey identified an 8% increase in GDPR breach notifications from 2020’s average of 331 notifications per day to 356 in 2021.

Since 28 January 2021, there have been over 130,000 notified personal data breaches in total, with the Netherlands having the most breach notifications per 100,000 people respectively. On the other end of the spectrum, Croatia, the Czech Republic, and Greece reported the fewest number of breach notifications per capita.

The highest GDPR fine to date is the one imposed by the Luxembourg National Commission for Data Protection (CNDP) for €746 million on the online based retailer, Amazon, the biggest fine so far for non-compliance with the GDPR. This is more than 14 times higher than the previous largest GDPR fine (EUR50 million) imposed by France on Google.

The UK came in sixth place with a £20m fine against British Airways for losing the financial and personal details of around 380,000 customers in a cyber-attack in 2018.

Since 28 January 2021, there have been over 130,000 personal data breaches notified to regulators - on average 356 breach notifications per day, an 8% increase on last year’s daily average of 331 notifications per day. 

Commenting on the survey findings, Ross McKean, chair of the UK Data Protection and Security Group said that although the nearly sevenfold increase in fines may grab the headlines, According to DLA Piper’s survey, the most common implications aren’t limited to fines and claims for compensation, but also service interruption caused by the suspension of data transfers, which McKean described as “much more damaging and costly”.”

EU Data Protection Board:      Bloomberg:      ITPro:     Pymnts:     DLA Piper:     RemarkBoard

You Might Also Read:   

The Effects Of GDPR On EU / US Relations:

 

« The Importance Of Securing OT Platforms
Spy Chief Warns US Government Is Classifying Too Much Data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Mondo

Mondo

Mondo is the largest national staffing agency specializing exclusively in high-end, niche IT, Tech, and Digital Marketing talent. Areas of expertise include Cybersecurity.

Qubitekk

Qubitekk

Qubitekk has developed quantum cryptography solutions for the machine-to-machine (M2M) communications market.

Inseego

Inseego

Inseego provides Enterprise SaaS solutions and IoT & Mobile solutions, which together form the backbone of intelligent, reliable and secure IoT services with deep business intelligence.

CyberQ Group

CyberQ Group

CyberQ is an award winning cyber security consultancy and services provider and an innovator in Artificial Intelligence and Automated Cyber Security.

Sompo International

Sompo International

Sompo International is a global specialty provider of property and casualty insurance and reinsurance services including Cyber & Network Risk.

DCX Technology

DCX Technology

Recognized as a leader in security services, DXC Technology help clients prevent potential attack pathways, reduce cyber risk and improve threat detection and incident response.

Bessemer Venture Partners (BVP)

Bessemer Venture Partners (BVP)

Bessemer Venture Partners was born from innovations that literally forged modern building and manufacturing. Today, our team of investors works with people who want to create revolutions of their own.

LevelOps

LevelOps

LevelOps is an industry application security platform that tracks and develops your application security.

DisruptOps

DisruptOps

Built for today’s cloud-scale enterprises, DisruptOps’ Cloud Detection and Response platform automates assessment and remediation procedures of critical cloud security issues.

689cloud

689cloud

689Cloud is a cloud content collaboration platform that allows users to protect, track, and control files AFTER they have been shared.

Foretrace

Foretrace

Foretrace aims to prevent, assess, and contain the exposure of customer accounts, domains, and systems to malicious actors.

RocketCyber

RocketCyber

RocketCyber is a Managed SOC platform empowering Managed Service Providers (MSPs) to deliver security services to small and medium businesses.

East Midlands Cyber Resilience Centre (EMCRC)

East Midlands Cyber Resilience Centre (EMCRC)

The East Midlands Cyber Resilience Centre is set up to support and help protect businesses across the region against cyber crime.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Ballistic Ventures

Ballistic Ventures

Ballistic Ventures is a new kind of venture capital firm, built by and for cybersecurity entrepreneurs and investors.

Execweb

Execweb

Execweb are a cybersecurity executive network, comprised of 400+ security practitioners who work at Fortune 500 and SME companies.