Germany Issues First GDPR Fine Following Data Breach at Social Media Company

Nearly 2 million username and password combinations along with 330,000 email and password combinations were exposed in a data breach impacting German social media platform Knuddels.de. The company received a €20,000 fine related to the EU’s General Data Protection Regulation (GDPR) because the passwords exposed were stored in plain text.

Read More

Many Not Ready for GDPR Requirements Including 72 Hour Breach Notification

The European Union’s General Data Protection Regulation (GDPR) goes into effect May 25th and will apply to any collecting and storing information on EU consumers, with fines for non-compliance as high as €20 million or 4 percent of annual revenue. Despite the hefty potential penalties, just 52 percent of organizations said they will be GDPR compliant by the May deadline in a recent survey.

Replacing the EU Data Protection Directive, GDPR brings several new requirements and challenges for organizations that use data to track online behavior or market goods or services to consumers in the EU, regardless of where the organization is based.  Comprised of 91 articles, GDPR has been a challenge for many organizations who must adjust their data collection policies and disclosures.

Read More