government
healthcare
service provider
fine
education
finance
social media
dark web
retail
web
law enforcement
telecoms
travel
manufacturing
operating system
legal
insurance
gaming
charity
tech
publishing
transport
app
phama
utilities
story
hacked
malware
ransomware
unauthorised access
vulnerability
phishing
accidental disclosure
unsecured database
poor security
insider threat
unsecured server
hacked email
lost device
website hacked
identity theft
ddos
stolen documents
Trojans
financial
inside job
spear phishing
RDP
spyware
skimming
privacy
cyber attack
breach notification
security flaw
legislation
poor operations
user credentials
customer data
third party
physical security
Cryptocurrency
enforcement
email hacked
insecure storage
court action
encryption
fraud
VPN
passwords
zero day
3rd parties
state hacking
employee data
remote working
stolen data
Unknown fined 9,000 Euros for breaching Art. 6 GDPR, Art. 13 GDPR - Insufficient legal basis for data processing
Undisclosed company fined 24,400 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
IT sprendimai sėkmei fined 3,000 Euros for breaching Art. 5 (1), (2) GDPR, Art. 13 GDPR, Art. 24 GDPR, Art. 32 GDPR, Art. 35 GDPR, Art. 58 (2) f) GDPR - Non-compliance with general data processing principles
Nacionaliniam visuomenės sveikatos centrui (NVSC) fined 12,000 Euros for breaching Art. 5 (1), (2) GDPR, Art. 13 GDPR, Art. 24 GDPR, Art. 32 GDPR, Art. 35 GDPR, Art. 58 (2) f) GDPR - Non-compliance with general data processing principles
Istituto Nazionale Previdenza Sociale (INPS) fined 300,000 Euros for breaching Art. 5 (1) a), c), d) GDPR, Art. 25 GDPR, Art. 35 GDPR - Non-compliance with general data processing principles
Avilon Center 2016 S.L. fined 12,000 Euros for breaching Art. 48 (1) b) LGT, Art. 21 GDPR, Art. 23 (4) LOPDGDD - Insufficient fulfilment of data subjects rights
Deutsche Wohnen SE fined 0 Euros for breaching Art. 5 GDPR, Art. 25 GDPR - Non-compliance with general data processing principles
Wawa Reaches Proposed $12M Settlement in Data Breach Litigation | The Legal Intelligencer
Security company (name not available at the moment) fined Unknown Euros for breaching Art. 32 (1) b), d) GDPR, Art. 32 (2), (4) GDPR - Insufficient technical and organisational measures to ensure information security
The Washpoint S.L. fined 1,000 Euros for breaching Art. 13 GDPR - Insufficient fulfilment of information obligations
The Netherlands: 440,000 EUR fine for hospital re. unauthorised access to medical records – Privacy Matters
Ripobruna 207, S.L. fined 1,600 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Vodafone España, SAU fined 120,000 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Ministero dello Sviluppo Economico fined 75,000 Euros for breaching Art. 5 (1) a), b), c) GDPR, Art. 6 (1) c), e) GDPR, Art. 6 (2) GDPR, Art. 6 (3) b) GDPR, Art. 37 (1), (7) GDPR - Non-compliance with general data processing principles
Krajowa Szkoła Sądownictwa i Prokuratury fined 22,200 Euros for breaching Art. 5 (1) f) GDPR, Art. 25 (1) GDPR, Art. 28 (3) GDPR, Art. 32 (1), (2) GDPR - Insufficient technical and organisational measures to ensure information security
Vamavi Phone S.L. fined 24,000 Euros for breaching Art. 48 (1) b) LGT, Art. 21 GDPR, Art. 23 LOPDGDD, Art. 28 GDPR - Insufficient fulfilment of data subjects rights
Predase Servicios Integrales S.L. fined 5,000 Euros for breaching Art. 13 GDPR - Insufficient fulfilment of information obligations
Private Person fined 5,000 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Patio Ancestral S.L. fined 3,000 Euros for breaching Art. 6 GDPR - Insufficient legal basis for data processing
Private Person fined 2000 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Iberdrola Clientes fined 100,000 Euros for breaching Art. 5 (1) d) GDPR, Art. 17 GDPR - Insufficient fulfilment of data subjects rights
Cyberbook AS fined 19,300 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
IDFINANCE Spain, S.L. fined 3,000 Euros for breaching Art. 5 (1) f) GDPR - Insufficient technical and organisational measures to ensure information security
Xfera Moviles S.A. fined 24,000 Euros for breaching Art. 58 (2) GDPR - Insufficient cooperation with supervisory authority
Azienda Ospedaliero Universitaria di Parma fined 50,000 Euros for breaching Art. 5 (1) f) GDRP, Art. 9 GDPR - Non-compliance with general data processing principles
Azienda Ospedaliero Universitaria Senese fined 50,000 Euros for breaching Art. 5 (1) f) GDRP, Art. 9 GDPR - Non-compliance with general data processing principles
Azienda USL della Romagna fined 50,000 Euros for breaching Art. 5 (1) a), d), f) GDPR, Art. 9 GDPR, Art. 32 (1) b) GDPR - Non-compliance with general data processing principles
Family Service / N.D.P.K. nv. fined 50,000 Euros for breaching Art. 5 GDPR, Art. 6 GDPR, Art. 7 GDPR, Art. 13 GDPR, Art. 24 GDPR, Art. 25 GDPR, Art. 28 GDPR - Insufficient legal basis for data processing
Unknown fined 75,000 Euros for breaching Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Unknown fined 150,000 Euros for breaching Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Unknown fined 25,000 Euros for breaching Art. 5 (1) f), (2) GDPR, Art. 24 GDPR, Art. 32 GDPR, Art. 33 (1), (5) GDPR, Art. 34 (1) GDPR - Insufficient technical and organisational measures to ensure information security
Telefónica Móviles España, SAU fined 75,000 Euros for breaching Art. 6 (1) GDPR - Insufficient legal basis for data processing
Alterna Operador Integral S.L. fined 50,000 Euros for breaching Art. 6 (1) b) GDPR - Insufficient legal basis for data processing
Individual fined 1,200 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Aquateknikk AS fined 9,700 Euros for breaching Art. 5 GPDR, Art. 6 GDPR - Insufficient legal basis for data processing
Anwara Sp. z.o.o. fined 4,600 Euros for breaching Art. 31 GDPR, Art. 58 (1) a) GDPR - Insufficient cooperation with supervisory authority
Regione Lazio fined 75,000 Euros for breaching Art. 5 (2) GDPR, Art. 28 GDPR - Insufficient data processing agreement
Azienda Usl di Bologna fined 18,000 Euros for breaching Art. 5 (1) f) GDRP, Art. 9 GDPR - Non-compliance with general data processing principles
Poliambulatorio Talenti S.r.l. fined 2000 Euros for breaching Art. 12 (3) GDPR, Art. 15 GDPR - Insufficient fulfilment of data subjects rights
Azienda sanitaria provinciale di Enna fined 30,000 Euros for breaching Art. 5 (1) a) GDPR, Art. 6 GDPR, Art. 9 GDPR - Insufficient legal basis for data processing
