government
healthcare
service provider
fine
education
finance
social media
dark web
retail
web
law enforcement
telecoms
travel
manufacturing
operating system
legal
insurance
charity
tech
gaming
publishing
transport
app
utilities
phama
story
hacked
malware
ransomware
unauthorised access
vulnerability
phishing
accidental disclosure
unsecured database
poor security
insider threat
unsecured server
hacked email
lost device
website hacked
identity theft
ddos
stolen documents
Trojans
financial
inside job
spear phishing
RDP
spyware
skimming
privacy
cyber attack
breach notification
security flaw
legislation
poor operations
user credentials
customer data
third party
physical security
Cryptocurrency
enforcement
email hacked
insecure storage
court action
encryption
fraud
VPN
passwords
zero day
3rd parties
state hacking
employee data
remote working
stolen data
Borjamotor, S.A. fined 4,000 Euros for breaching Art. 7 GDPR - Insufficient legal basis for data processing
Smart Cities Sp. z o.o. fined 2,850 Euros for breaching Art. 31 GDPR, Art. 58 GDPR - Insufficient cooperation with supervisory authority
TUiR Warta S.A. fined 18,850 Euros for breaching Art. 33 (1) GDPR, Art. 34 (1) GDPR - Insufficient fulfilment of data breach notification obligations
Unknown fined 10,000 Euros for breaching Art. 5 (1) f) GDPR - Non-compliance with general data processing principles
Xfera Moviles S.A. fined 40,000 Euros for breaching Art. 6 (1) GDPR - Insufficient legal basis for data processing
Municipality of Indre Østfold fined 18,840 Euros for breaching Art. 6 GDPR, Art. 32 (1) b) GDPR - Insufficient technical and organisational measures to ensure information security
Capio St. Göran AB fined 2,900,000 Euros for breaching Art. 5 (1) f) GDPR,
Art. 5 (2) GDPR,
Art. 32 (1) GDPR,
Art. 32 (2) GDPR - Insufficient technical and organisational measures to ensure information security
Karolinska University Hospital of Solna fined 390,100 Euros for breaching Art. 5 (1) f) GDPR,
Art. 5 (2) GDPR,
Art. 32 (1) GDPR,
Art. 32 (2) GDPR - Insufficient technical and organisational measures to ensure information security
Sahlgrenska University Hospital fined 341,300 Euros for breaching Art. 5 (1) f) GDPR,
Art. 5 (2) GDPR,
Art. 32 (1) GDPR,
Art. 32 (2) GDPR - Insufficient technical and organisational measures to ensure information security
Västerbotten Region fined 243,800 Euros for breaching Art. 5 (1) f) GDPR,
Art. 5 (2) GDPR,
Art. 32 (1) GDPR,
Art. 32 (2) GDPR - Insufficient technical and organisational measures to ensure information security
Östergötland Region fined 243,800 Euros for breaching Art. 5 (1) f) GDPR,
Art. 5 (2) GDPR,
Art. 32 (1) GDPR,
Art. 32 (2) GDPR - Insufficient technical and organisational measures to ensure information security
Dr Marín Cirugia Plástica, S.L.P. fined 2,400 Euros for breaching Art. 13 GDPR - Insufficient fulfilment of information obligations
Aleris Sjukvård AB fined 1,463,000 Euros for breaching Art. 5 (1) f) GDPR,
Art. 5 (2) GDPR,
Art. 32 (1) GDPR,
Art. 32 (2) GDPR - Insufficient technical and organisational measures to ensure information security
Losada Advocats S.L. fined 10,000 Euros for breaching Art. 5 (1) f) GDPR, Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Asociación de Víctimas por Arbitrariedades Judiciales, (JAVA) fined 5,000 Euros for breaching Art. 6 (1) GDPR - Insufficient legal basis for data processing
Comercio Online Levante, S.L. fined 3,000 Euros for breaching Art. 5 (1) f) GDPR, Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Servicio de Alojamientos Responsables, S.L. fined 6,000 Euros for breaching Art. 6 (1) GDPR - Insufficient legal basis for data processing
Südameapteegi e-apteek fined 100,000 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Apotheka e-apteek fined 100,000 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Private Individual fined 1,200 Euros for breaching Art. 5 (1) a) GDPR - Non-compliance with general data processing principles
Charly Mike s.r.l. fined 3,000 Euros for breaching Art. 5 (1) a) GDPR, Art. 13 GDPR - Insufficient legal basis for data processing
Concentrix Cvg Italy s.r.l. fined 20,000 Euros for breaching Art. 5 (1) a), c) GDPR, Art. 6 (1) b), c) GDPR, Art. 9 (1) b) GDPR - Insufficient legal basis for data processing
Reti Televisive Italiane S.p.a. fined 10,000 Euros for breaching Art. 5 (1) a) GDPR - Non-compliance with general data processing principles
Private Individual fined 1,500 Euros for breaching Art. 6 GDPR, Art. 25 GDPR - Insufficient legal basis for data processing
Miraclia Telecomunicaciones S.L. fined 40,000 Euros for breaching Art. 6 GDPR, Art. 13 GDPR, Art. 14 GDPR - Insufficient legal basis for data processing
Gnosjö Municipality fined 19,500 Euros for breaching Art. 5 GDPR, Art. 6 GDPR, Art. 13 GDPR, Art. 35 GDPR, Art. 36 GDPR - Insufficient legal basis for data processing
City of Stockholm fined 394,000 Euros for breaching Art. 5 GDPR, Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Burgo Group S.p.A fined 20,000 Euros for breaching Art. 5 GDPR, Art. 13 GDPR - Non-compliance with general data processing principles
Recambios Villalegre S.L. fined 12,000 Euros for breaching Art. 6 GDPR, Art. 13 GDPR - Insufficient legal basis for data processing
Vodafone España, S.A.U. fined 36,000 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Unknown fined 28 Euros for breaching Art. 5 (1) d) GDPR - Non-compliance with general data processing principles
Carrefour France fined 2,250,000 Euros for breaching Art. 5 GDPR, Art. 12 GDPR, Art. 13 GDPR, Art. 15 GDPR, Art. 17 GDPR, Art. 21 GDPR, Art. 32 GDPR, Art. 33 GDPR - Non-compliance with general data processing principles
Carrefour Banque fined 800,000 Euros for breaching Art. 5 GDPR - Non-compliance with general data processing principles
Anmavas 61, S.L. fined 2000 Euros for breaching Art. 58 GDPR - Insufficient cooperation with supervisory authority
Comune di Collegno fined 2000 Euros for breaching Art. 12 GDPR, Art. 13 GDPR, Art. 14 GDPR - Insufficient fulfilment of data subjects rights
Provincial Health Authority of Cosenza fined 30,000 Euros for breaching Art. 9 GDPR - Insufficient legal basis for data processing
Vodafone España, S.A.U. fined 42,000 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Homeowners Association fined 1,600 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Unknown fined 1,500 Euros for breaching Art. 5 GDPR, Art. 6 GDPR, Art. 12 GDPR, Art. 13 GDPR, Art. 30 GDPR, Art. 37 (5) GDPR, Art. 37 (7) GDPR - Non-compliance with general data processing principles
Ticketmaster UK Limited fined 1,405,000 Euros for breaching Art. 5 (1) f) GDPR, Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security