government healthcare social media service provider fine education finance dark web retail law enforcement web telecoms travel manufacturing operating system phama insurance legal charity app gaming tech publishing transport utilities
story hacked malware unauthorised access ransomware vulnerability accidental disclosure phishing unsecured database poor security insider threat unsecured server hacked email lost device website hacked identity theft ddos stolen documents Trojans financial inside job spear phishing RDP spyware skimming
cyber attack privacy breach notification security flaw legislation poor operations user credentials physical security customer data third party Cryptocurrency enforcement email hacked insecure storage court action encryption VPN fraud passwords zero day 3rd parties state hacking remote working stolen data cloud

IT Staffing Company Settles Data Breach Class Action
Important Notice About a Data Breach Otolaryngology Associates
Mobile phone operator slapped with fine over data breach | eKathimerini.com
US healthcare company EyeMed reaches settlement following 2020 data breach | The Daily Swig
The high cost of mishandling data breaches, security reporting for financial services | SC Media
Attorney General James Announces $600,000 Agreement with EyeMed After 2020 Data Breach | New York State Attorney General
FTC settles with data analytics firm after millions of Americans’ mortgage files exposed – TechCrunch
Morgan Stanley to pay $60 million to resolve data security lawsuit | WTVB | 1590 AM · 95.5 FM | The Voice of Branch County
ICO issues 'reprimands' in private to large data lawbreakers • The Register
FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangs
Company that dumped private records in public trash is fined
Martin County tax collector still silent amid cyberattack | WPEC
DPC seeking penalty of up to €36m against Facebook
Singapore commision fine decision £10,000
Data Privacy Framework Tabb Inc
SEC Sanctions Public Company for Misleading Disclosures About Data Breach - Privacy & Information Security Law Blog
UPMC Settles Employee Data Breach Lawsuit for $2.65 Million
France's data protection authority, the Commission nationale de l’informatique et des libertés, announced a 1.75 million euro fine against multinational insurer AG2R La Mondiale for violating data retention provisions under the EU General Data Protection Regulation
The Information Commissioner’s Office (ICO) has fined transgender charity Mermaids £25,000 for failing to keep the personal data of its users secure.
Norwegian DPA: Moss Municipal Council fined | European Data Protection Board
First American Financial Pays Farcical $500K Fine – Krebs on Security
Cedaredge company fined for not securing customer data | Western Colorado | gjsentinel.com
Sanctions against 6 business operators including the Personal Information Commission and Microsoft
The Secret IRS Files Trove of NeverBeforeSeen Records Reveal How the Wealthiest Avoid Income Tax ProPublica
Medhelp will pay 12 million after the 1177 leak
Fin(d)ing Locatefamily.com: Dutch DPA imposes €525,000 fine for not having a GDPR representative
(Peachstate Pays $25,000 to Settle Potential HIPAA violation
City pays $350,000 after suing “hackers” for opening Dropbox link it sent them | Ars Technica
Dutch privacy watchdog fines Booking.com €475K – POLITICO
Restaurant fined 2000 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Hamburger Volksbank eG fined Unknown Euros for breaching Art. 21 GDPR - Insufficient fulfilment of data subjects rights
Hamburger Verkehrsverbund GmbH (HVV GmbH) fined 20,000 Euros for breaching Art. 33 GDPR, Art. 34 GDPR - Insufficient fulfilment of data breach notification obligations
Facebook Germany GmbH fined 51,000 Euros for breaching Art. 37 GDPR - Lack of appointment of data protection officer
Unknown fined 294,000 Euros for breaching Art. 5 GDPR - Non-compliance with general data processing principles
AMADOR RECREATIVOS, S.L fined 3,600 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Employer fined 9,000 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Employer fined 20,000 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Vodafone España, S.A.U. fined 40,000 Euros for breaching Art. 6 GDPR - Insufficient legal basis for data processing
Vodafone España, S.A.U. fined 30,000 Euros for breaching Art. 5 (1) f) GDPR, Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
TELEFONICA MOVILES ESPAÑA, S.A.U. fined 48,000 Euros for breaching Art. 5 (1) a) GDPR - Non-compliance with general data processing principles