government
healthcare
service provider
fine
education
finance
social media
dark web
retail
web
law enforcement
telecoms
travel
manufacturing
operating system
legal
insurance
charity
tech
gaming
publishing
transport
app
phama
utilities
story
hacked
malware
ransomware
vulnerability
unauthorised access
phishing
accidental disclosure
unsecured database
poor security
insider threat
unsecured server
hacked email
lost device
website hacked
identity theft
ddos
stolen documents
Trojans
financial
inside job
spear phishing
RDP
spyware
skimming
privacy
cyber attack
breach notification
security flaw
legislation
poor operations
user credentials
customer data
third party
physical security
Cryptocurrency
enforcement
email hacked
insecure storage
court action
encryption
fraud
VPN
passwords
zero day
3rd parties
state hacking
employee data
remote working
stolen data
Hamburger Verkehrsverbund GmbH (HVV GmbH) fined 20,000 Euros for breaching Art. 33 GDPR, Art. 34 GDPR - Insufficient fulfilment of data breach notification obligations
Facebook Germany GmbH fined 51,000 Euros for breaching Art. 37 GDPR - Lack of appointment of data protection officer
Unknown fined 294,000 Euros for breaching Art. 5 GDPR - Non-compliance with general data processing principles
AMADOR RECREATIVOS, S.L fined 3,600 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Employer fined 9,000 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Employer fined 20,000 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Vodafone España, S.A.U. fined 40,000 Euros for breaching Art. 6 GDPR - Insufficient legal basis for data processing
Vodafone España, S.A.U. fined 30,000 Euros for breaching Art. 5 (1) f) GDPR, Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
TELEFONICA MOVILES ESPAÑA, S.A.U. fined 48,000 Euros for breaching Art. 5 (1) a) GDPR - Non-compliance with general data processing principles
VODAFONE ONO, S.A.U. fined 48,000 Euros for breaching Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
VODAFONE ONO, S.A.U. fined 36,000 Euros for breaching Art. 5 (1) f) GDPR - Non-compliance with general data processing principles
Vodafone España, S.A.U. fined 21,000 Euros for breaching Art. 6 (1) GDPR - Insufficient legal basis for data processing
Doctor fined 14,000 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Newspaper fined 10,000 Euros for breaching Art. 6 GDPR - Insufficient legal basis for data processing
State Hospital fined 5,000 Euros for breaching Art. 15 GDPR - Insufficient fulfilment of data subjects rights
Asesoría Alpi-Clúa S.L. fined 3,000 Euros for breaching Art. 5 (1) f) GDPR, Art. 32 (1) GDPR - Non-compliance with general data processing principles
Vodafone España, S.A.U. fined 60,000 Euros for breaching Art. 6 (1) GDPR - Insufficient legal basis for data processing
Hackers hacked into the system of three Prague polyclinics, e-mails and ordering system do not work
Heredad de Urueña S.A. fined 2000 Euros for breaching Art. 13 GDPR - Insufficient fulfilment of information obligations
Cultural association fined 3,000 Euros for breaching Art. 6 (1) a) GDPR - Insufficient legal basis for data processing
School fined 1,000 Euros for breaching Art. 5 (1) c) GDPR, Art. 6 (1) GDPR, Art. 8 GDPR - Insufficient legal basis for data processing
Certime S.A. fined 5,000 Euros for breaching Art. 5 (1) b) GDPR - Non-compliance with general data processing principles
Google facing $5bn lawsuit over Chrome's not-so-incognito mode | TechRadar
NBQ Technology, S.A.U. fined 12,000 Euros for breaching Art. 6 (1) GDPR - Insufficient legal basis for data processing
Private Person fined 1,500 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Vodafone España, S.A.U. fined 8,150,000 Euros for breaching Art. 28 GDPR, Art. 24 GDPR, Art. 44 GDPR, Art. 21 LSSI, Art. 48 (1) b) LGT, Art. 21 GDPR, Art. 23 LOPDGDD - Insufficient fulfilment of data subjects rights
Epsilon agrees to pay $150m fine to DoJ for selling data to fraudsters | News | GRC World Forums
Xfera Moviles S.A. fined 90,000 Euros for breaching Art. 5 (1) f) GDPR, Art. 17 GDPR, Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Equifax Iberica S.L. fined 50,000 Euros for breaching Art. 6 (1) f) GDPR - Insufficient legal basis for data processing
Filigrana Comunicación S.L.U. fined 8,000 Euros for breaching Art. 6 (1) GDPR, Art. 13 GPDR, Art. 14 GDPR - Insufficient fulfilment of information obligations
Hospital Campogrande DE fined 10,000 Euros for breaching Art. 5 (1) f) GDPR - Non-compliance with general data processing principles
VfB Stuttgart 1893 AG fined 300,000 Euros for breaching Art. 5 (2) GDPR - Non-compliance with general data processing principles
Homeowners Association fined 15,000 Euros for breaching Art. 5 (1) f) GDPR - Non-compliance with general data processing principles
Electricity Authority of Cyprus fined 40,000 Euros for breaching Art. 6 (1) GDPR, Art. 9 (2) GDPR - Insufficient legal basis for data processing
KEPIDES fined 6,000 Euros for breaching Art. 32 (4) - Insufficient technical and organisational measures to ensure information security
Cypriot Real Estate Registration Authority fined 10,000 Euros for breaching Art. 12 GDPR, Art. 15 GDPR, Art. 31 GDPR, Art. 58 (1) e) GDPR - Insufficient fulfilment of information obligations
Hellenic Bank fined 25,000 Euros for breaching Art. 5 (1) e), f) GDPR, Art. 32 (1) b), c) GDPR, Art. 33 (1) GDPR - Insufficient technical and organisational measures to ensure information security
Private Individual fined 200 Euros for breaching Art. 5 GDPR, Art. 32 GDPR - Non-compliance with general data processing principles
I-DE Redes Eléctricas Inteligentes, S.A.U fined 200,000 Euros for breaching Art. 5 (1) b), c) GDPR, Art. 6 (1) b) GDPR - Non-compliance with general data processing principles
Registrų Centras fined 15,000 Euros for breaching Art. 32 (1) b), c) GDPR - Insufficient technical and organisational measures to ensure information security