Data breaches are showing no signs of slowing.
It has been reported that over 59,000 data breaches have been reported across Europeans companies over the last eight months.
The Netherlands, Germany and the UK reported breaches since the General Data Protection Regulation came into force on 25 May 2018, according to law firm DLA Piper.
Data breaches compromised 4.5 billion records in the first half of 2018
What type of breach?
The data breaches ranged from ‘minor’ errors to major cyber attacks, and were reported across public and private organisations in the 26 European countries.
]The Netherlands has experienced the highest number of breaches for its population size, with 89.8 reported for every 100,000 people. Liechtenstein, Iceland and Cyprus only reported a small number of breaches.
The latest survey from DLA exceeds figures released by the European Commission, which stated 41,502 breaches had been reported over the same eight month period.
Ross McKean, partner at DLA Piper, said: “The GDPR completely changes the compliance risk for organisations which suffer a personal data breach due to revenue based fines and the potential for US-style group litigation claims for compensation.
“As we saw in the US when mandatory breach notification laws came into force, backed up by tough sanctions for not notifying, the GDPR is driving personal data breach out into the open.”
Average fine for data breaches doubles to £146,000 in just a year
The average value of fines issued by the UK’s data watchdog doubled over the last year to reach £146,000, according to new research released today by London-based professional services firm RPC. Read here
Currently, 91 fines have been handed down relating to data breaches.
The largest so far? Last month the French data watchdog fined Google €50m (£43.7m), for breaking EU rules on consumer data protection.
John Andrews, VP, Centrify comments: “These new statistics into European fines for breaches are really impactful. We are finally seeing GDPR begin to take effect, however it is important to note that these figures have been obtained after the data protection law came into effect. It is worrying to think just how many consumers were impacted on a daily basis before these laws were introduced and how many fines would have been issued as a result of those breaches.
“We should be using this as a means of educating ourselves about the dangers of breaches and impact they can have. It is vital that companies begin to protect their credentials or adopt a zero trust privilege posture before they suffer a breach rather than acting after the damage is done.”