New research from DLA Piper has revealed that over 59,000 data breach notifications have been reported across the EU since GDPR went into effect on 25th May 2018.
According to the firm’s new GDPR Data Breach survey, the UK is in the top three countries with the highest number of data breaches reported. In the UK there were 10,600 breaches reported though the Netherlands came in first with 15,400 breaches followed by Germany with 12,600.
Liechtenstein, Iceland and Cyprus experienced the lowest number of reported breaches with 15, 25, and 35 breaches respectively.
When the number of breach notifications was weighted against country populations, the Netherlands still came in first, with 89.8 reported breaches per 100,000 people, followed by Ireland and Denmark.
DLA Piper’s Ross McKean provided further insight on the findings of the survey, saying:
“The GDPR completely changes the compliance risk for organizations which suffer a personal data breach due to revenue based fines and the potential for US style group litigation claims for compensation. As we saw in the US when mandatory breach notification laws came into force, backed up by tough sanctions for not notifying, the GDPR is driving personal data breach out into the open. Our report confirms this with more than 59,000 data breaches notified across Europe in the first 8 months since the GDPR came into force.”
Since GDPR went into effect, 91 fines have been reported but not all of these relate to personal data breaches as several regard other infringements of the EU’s data protection laws.
Of the companies fined under GDPR, Google was fined the most heavily when the French regulator CNIL fined the search giant 50m Euros over how it personalised the ads shown on its site.