government healthcare social media service provider fine education finance dark web retail law enforcement web telecoms travel manufacturing phama operating system insurance legal charity app tech gaming publishing transport utilities
story hacked malware unauthorised access ransomware vulnerability accidental disclosure phishing unsecured database poor security insider threat unsecured server hacked email lost device website hacked identity theft stolen documents ddos Trojans financial inside job spear phishing RDP spyware skimming
cyber attack privacy breach notification security flaw legislation poor operations user credentials physical security customer data third party Cryptocurrency enforcement email hacked insecure storage court action encryption fraud VPN passwords zero day 3rd parties state hacking employee data remote working stolen data

Morele.net fined 660,000 Euros for breaching Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Online Services fined 7,000 Euros for breaching Art. 17 GDPR - Insufficient fulfilment of data subjects rights
School in Skellefteå fined 18,630 Euros for breaching Art. 5 (1) c) GDPR, Art. 9 GDPR, Art. 35 GDPR, Art. 36 GDPR - Insufficient legal basis for data processing
AVON COSMETICS fined 60,000 Euros for breaching Art. 6 GDPR - Insufficient legal basis for data processing
Government Office Managing the Real Estate Register fined 1,715 Euros for breaching Art. 5 GDPR, Art. 14 GDPR - Non-compliance with general data processing principles
Private person (YouTube-Channel) fined 200 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Public area maintenance company fined 4,290 Euros for breaching Art. 5 GDPR, Art. 6 GDPR, Art. 13 GDPR - Non-compliance with general data processing principles
Company in the medical sector fined 50,000 Euros for breaching Art. 13 GDPR, Art. 37 GDPR - Insufficient fulfilment of information obligations
PWC Business Solutions fined 150,000 Euros for breaching Art. 5 (1) GDPR, Art. 5 (2) GDPR, Art. 6 (1) GDPR, Art. 13 (1) c) GDPR, Art. 14 (1) c) GDPR - Insufficient legal basis for data processing
ACTIVE ASSURANCES (car insurer) fined 180,000 Euros for breaching Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Equifax to Pay $575 Million as Part of Settlement with FTC, CFPB, and States Related to 2017 Data Breach | Federal Trade Commission
Budapest Environs Regional Court fined 8,575 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Gastroenterology Services Staten Island NY
Private person (soccer coach) fined 11,000 Euros for breaching Art. 6 GDPR - Insufficient legal basis for data processing
Northern District of Georgia | Former Equifax employee sentenced for insider trading | United States Department of Justice
Financial Enterprise fined 2,850 Euros for breaching Art. 5 GDPR, Art. 6 GDPR, Art. 21 GDPR - Insufficient legal basis for data processing
Unknown fined 2,850 Euros for breaching Art. 5 GDPR, Art. 6 GDPR, Art. 17 GDPR - Insufficient legal basis for data processing
Unknown fined 15,150 Euros for breaching Art. 33 GDPR - Insufficient fulfilment of data breach notification obligations
Haga Hospital fined 460,000 Euros for breaching Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Professional Football League (LaLiga) fined 250,000 Euros for breaching Art. 5 (1) a), Art. 7 (3) GDPR - Insufficient fulfilment of information obligations
Police Officer fined 800 Euros for breaching Art. 6 GDPR - Insufficient legal basis for data processing
Claim management company fined 2,850 Euros for breaching Art. 5 GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Local bank fined 2000 Euros for breaching Art. 12 (3), (4), (5) GDPR, Art. 15 GDPR, Art. 18 GDPR - Insufficient fulfilment of data subjects rights
Mayor fined 2000 Euros for breaching Art. 5 (1) b) GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Organizer of SZIGET festival and VOLT festival fined 92,146 Euros for breaching Art. 6 GDPR, Art. 5 (1) b) GDPR, Art. 13 GDPR - Insufficient legal basis for data processing
Directorate of Social and Child Welfare Institutions of the Ferencvaros District of Budapest fined 286 Euros for breaching Art. 33 GDPR - Insufficient fulfilment of data breach notification obligations
Payment service provider UAB MisterTango fined 61,500 Euros for breaching Art. 5 GDPR, Art. 32 GDPR, Art. 33 GDPR - Insufficient fulfilment of data breach notification obligations
Police Officer fined 1,400 Euros for breaching Art. 6 GDPR - Insufficient legal basis for data processing
Oslo Municipal Education Department fined 120,000 Euros for breaching Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Unknown fined 9,400 Euros for breaching Art. 5 (1) a) GDPR, Art. 6 GDPR - Insufficient legal basis for data processing
Italian political party Movimento 5 Stelle fined 50,000 Euros for breaching Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Company in the financial sector fined 80,000 Euros for breaching Art. 5 GDPR, Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security
Transnational Organized Crime Rewards Program United States Department of State
Unknown fined 1,900 Euros for breaching Art. 15 GDPR - Insufficient fulfilment of data subjects rights
Hungarian political party fined 34,375 Euros for breaching Art. 33 (1) GDPR, Art. 33 (5) GDPR, Art. 34 (1) GDPR - Insufficient fulfilment of data breach notification obligations
Unknown fined 500 Euros for breaching Unknown - Unknown
Private company working with data from publicly available sources fined 220,000 Euros for breaching Art. 14 GDPR - Insufficient fulfilment of information obligations
Unknown fined 2000 Euros for breaching Art. 13 GDPR - Insufficient fulfilment of information obligations
Unknown fined 2000 Euros for breaching Art. 13 GDPR - Insufficient fulfilment of information obligations
Lands Authority fined 5,000 Euros for breaching Art. 5 GDPR, Art. 32 GDPR - Insufficient technical and organisational measures to ensure information security