government healthcare social media service provider fine education finance dark web retail law enforcement web telecoms travel manufacturing operating system phama insurance legal charity app gaming tech publishing transport utilities
story hacked malware unauthorised access ransomware vulnerability accidental disclosure phishing unsecured database poor security insider threat unsecured server hacked email lost device website hacked identity theft stolen documents ddos Trojans financial inside job spear phishing RDP skimming spyware
cyber attack privacy breach notification security flaw legislation poor operations user credentials physical security customer data third party Cryptocurrency enforcement email hacked insecure storage court action encryption VPN fraud passwords zero day 3rd parties state hacking remote working stolen data cloud

VODAFONE ONO, S.A.U. fined 48,000 Euros for breaching Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
VODAFONE ONO, S.A.U. fined 36,000 Euros for breaching Art. 5 (1) f) GDPR - Non-compliance with general data processing principles
Vodafone España, S.A.U. fined 21,000 Euros for breaching Art. 6 (1) GDPR - Insufficient legal basis for data processing
Doctor fined 14,000 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Newspaper fined 10,000 Euros for breaching Art. 6 GDPR - Insufficient legal basis for data processing
State Hospital fined 5,000 Euros for breaching Art. 15 GDPR - Insufficient fulfilment of data subjects rights
Asesoría Alpi-Clúa S.L. fined 3,000 Euros for breaching Art. 5 (1) f) GDPR, Art. 32 (1) GDPR - Non-compliance with general data processing principles
Vodafone España, S.A.U. fined 60,000 Euros for breaching Art. 6 (1) GDPR - Insufficient legal basis for data processing
Hackers hacked into the system of three Prague polyclinics, e-mails and ordering system do not work
Heredad de Urueña S.A. fined 2000 Euros for breaching Art. 13 GDPR - Insufficient fulfilment of information obligations
Cultural association fined 3,000 Euros for breaching Art. 6 (1) a) GDPR - Insufficient legal basis for data processing
School fined 1,000 Euros for breaching Art. 5 (1) c) GDPR, Art. 6 (1) GDPR, Art. 8 GDPR - Insufficient legal basis for data processing
Certime S.A. fined 5,000 Euros for breaching Art. 5 (1) b) GDPR - Non-compliance with general data processing principles
Google facing $5bn lawsuit over Chrome's not-so-incognito mode | TechRadar
NBQ Technology, S.A.U. fined 12,000 Euros for breaching Art. 6 (1) GDPR - Insufficient legal basis for data processing
Private Person fined 1,500 Euros for breaching Art. 5 (1) c) GDPR - Non-compliance with general data processing principles
Vodafone España, S.A.U. fined 8,150,000 Euros for breaching Art. 28 GDPR, Art. 24 GDPR, Art. 44 GDPR, Art. 21 LSSI, Art. 48 (1) b) LGT, Art. 21 GDPR, Art. 23 LOPDGDD - Insufficient fulfilment of data subjects rights
Epsilon agrees to pay $150m fine to DoJ for selling data to fraudsters | News | GRC World Forums
Xfera Moviles S.A. fined 90,000 Euros for breaching Art. 5 (1) f) GDPR, Art. 17 GDPR, Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Equifax Iberica S.L. fined 50,000 Euros for breaching Art. 6 (1) f) GDPR - Insufficient legal basis for data processing
Filigrana Comunicación S.L.U. fined 8,000 Euros for breaching Art. 6 (1) GDPR, Art. 13 GPDR, Art. 14 GDPR - Insufficient fulfilment of information obligations
Hospital Campogrande DE fined 10,000 Euros for breaching Art. 5 (1) f) GDPR - Non-compliance with general data processing principles
VfB Stuttgart 1893 AG fined 300,000 Euros for breaching Art. 5 (2) GDPR - Non-compliance with general data processing principles
Homeowners Association fined 15,000 Euros for breaching Art. 5 (1) f) GDPR - Non-compliance with general data processing principles
Electricity Authority of Cyprus fined 40,000 Euros for breaching Art. 6 (1) GDPR, Art. 9 (2) GDPR - Insufficient legal basis for data processing
KEPIDES fined 6,000 Euros for breaching Art. 32 (4) - Insufficient technical and organisational measures to ensure information security
Cypriot Real Estate Registration Authority fined 10,000 Euros for breaching Art. 12 GDPR, Art. 15 GDPR, Art. 31 GDPR, Art. 58 (1) e) GDPR - Insufficient fulfilment of information obligations
Hellenic Bank fined 25,000 Euros for breaching Art. 5 (1) e), f) GDPR, Art. 32 (1) b), c) GDPR, Art. 33 (1) GDPR - Insufficient technical and organisational measures to ensure information security
Private Individual fined 200 Euros for breaching Art. 5 GDPR, Art. 32 GDPR - Non-compliance with general data processing principles
I-DE Redes Eléctricas Inteligentes, S.A.U fined 200,000 Euros for breaching Art. 5 (1) b), c) GDPR, Art. 6 (1) b) GDPR - Non-compliance with general data processing principles
Registrų Centras fined 15,000 Euros for breaching Art. 32 (1) b), c) GDPR - Insufficient technical and organisational measures to ensure information security
Unknown fined 9,000 Euros for breaching Art. 6 GDPR, Art. 13 GDPR - Insufficient legal basis for data processing
Undisclosed company fined 24,400 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
IT sprendimai sėkmei fined 3,000 Euros for breaching Art. 5 (1), (2) GDPR, Art. 13 GDPR, Art. 24 GDPR, Art. 32 GDPR, Art. 35 GDPR, Art. 58 (2) f) GDPR - Non-compliance with general data processing principles
Nacionaliniam visuomenės sveikatos centrui (NVSC) fined 12,000 Euros for breaching Art. 5 (1), (2) GDPR, Art. 13 GDPR, Art. 24 GDPR, Art. 32 GDPR, Art. 35 GDPR, Art. 58 (2) f) GDPR - Non-compliance with general data processing principles
Istituto Nazionale Previdenza Sociale (INPS) fined 300,000 Euros for breaching Art. 5 (1) a), c), d) GDPR, Art. 25 GDPR, Art. 35 GDPR - Non-compliance with general data processing principles
Avilon Center 2016 S.L. fined 12,000 Euros for breaching Art. 48 (1) b) LGT, Art. 21 GDPR, Art. 23 (4) LOPDGDD - Insufficient fulfilment of data subjects rights
Deutsche Wohnen SE fined 0 Euros for breaching Art. 5 GDPR, Art. 25 GDPR - Non-compliance with general data processing principles
Wawa Reaches Proposed $12M Settlement in Data Breach Litigation | The Legal Intelligencer
Security company (name not available at the moment) fined Unknown Euros for breaching Art. 32 (1) b), d) GDPR, Art. 32 (2), (4) GDPR - Insufficient technical and organisational measures to ensure information security