French software company fined 2 million for cyber failings leading to data breach The Record from Recorded Future News

pppLeadershipppCybercrimeppNationstatepp Influence Operations ppTechnologyppCyber DailyppClick Here Podcastpp Free Newsletterpp Frances data protection regulator has fined the software company Nexpublica France 17 million 2 million for poor cybersecurity practices in the wake of a data breach pp In November 2022 users of a Nexpublica portal reported they could access documents about third parties Frances data regulator known as CNIL investigated the incident and found that Nexpublicas data security program was inadequate according to an agency press release pp On December 22 CNIL levied the fine which it said is based on the companys financial capacity its lack of knowledge of basic security principles the number of people affected and the sensitivity of the data processed  pp Nexpublicas poor security practices violated Europes General Data Protection Regulation CNIL said pp The security problems were known to the company before the breach but it did not address them until after the incident the agency added ppSuzanne Smalleyppis a reporter covering privacy disinformation and cybersecurity policy for The Record She was previously a cybersecurity reporter at CyberScoop and Reuters Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and two presidential campaign cycles for Newsweek She lives in Washington with her husband and three childrenppPrivacyppAboutppContact Uspp Copyright 2025 The Record from Recorded Future Newsp