About

GDPR news and data breaches

The General Data Protection Regulation (GDPR) is legislation that sets out data protection rules for businesses operating within the European Union.

With GDPR in the news constantly, businesses around the world have finally begun to improve their cybersecurity and data practices.

The Daily Swig has covered GDPR news, including the latest GDPR fines, since the law came into force in May 2018.

GDPR latest news, GDPR data breach coverage, and updates on data protection policies can be found below.


Cloud fax

Company claims healthcare pros are ditching email for ‘more secure’ fax26 July 2022Cloud faxCompany claims healthcare pros are ditching email for ‘more secure’ fax

Popular websites leaking user email data to web trackers

18 May 2022Popular websites leaking user email data to web trackersData harvested without consent and before forms are submitted in many cases, researchers claim

EU targets standardization as key to bloc-wide cyber-resilience

10 May 2022EU targets standardization as key to bloc-wide cyber-resilienceThreat landscape’s increasing complexity adds impetus to drive for consistency across 27 member states

‘A great step’

India to introduce six-hour data breach notification rule05 May 2022‘A great step’India to introduce six-hour data breach notification rule

Identity shield

ENISA urges data-handling innovation amid rising tide of healthcare breaches28 March 2022Identity shieldENISA urges data-handling innovation amid rising tide of healthcare breaches

Up close and personal

What does India's Personal Data Privacy Bill mean for individuals and businesses?23 February 2022Up close and personalWhat does India's Personal Data Privacy Bill mean for individuals and businesses?

British Council data breach leaks 10,000 student records

02 February 2022British Council data breach leaks 10,000 student recordsResearchers say 144,000 files were exposed

Indian authorities set to tighten data breach laws in 2022

29 December 2021Indian authorities set to tighten data breach laws in 2022Credit card storage rules and 72-hour breach notification deadline due to come into play next year

Tightening up

FTC implements tougher data protection rules for US financial institutions03 December 2021Tightening upFTC implements tougher data protection rules for US financial institutions

WordPress security

CookieYes GDPR plugin patches XSS bug following large-scale PHP audit29 September 2021WordPress securityCookieYes GDPR plugin patches XSS bug following large-scale PHP audit

Lessons from the aviation sector after Biden mandates cyber-attack investigatory body

05 August 2021Lessons from the aviation sector after Biden mandates cyber-attack investigatory body‘We might not make cyber-attacks as rare as airline disasters, but we can hopefully make them a more manageable problem’

British Airways breach settlement

Victims of 2018 Magecart attack awarded undisclosed sum07 July 2021British Airways breach settlementVictims of 2018 Magecart attack awarded undisclosed sum

Raising the bar

Tiki app aims to hand ownership of personal data back to the individual29 April 2021Raising the barTiki app aims to hand ownership of personal data back to the individual

Facebook data breach

Social media giant ‘knew about vulnerability two years before issue was fixed’09 April 2021Facebook data breachSocial media giant ‘knew about vulnerability two years before issue was fixed’

Enter the Matrix

Secure communications network hits 30 million user milestone08 April 2021Enter the MatrixSecure communications network hits 30 million user milestone

Covid-status passports

European privacy regulators lay down rules for ‘digital green certificate’07 April 2021Covid-status passportsEuropean privacy regulators lay down rules for ‘digital green certificate’

Booking.com fined $560,000 for GDPR data breach violation

06 April 2021Booking.com fined $560,000 for GDPR data breach violationNetherlands-based company failed to act quickly enough, says regulator

ExpertCyber

French certification scheme for infosec service providers off to promising start31 March 2021ExpertCyberFrench certification scheme for infosec service providers off to promising start

Exploiting GDPR laws to gain access to personal data

The EU’s data protection mechanism is vulnerable to attack26 March 2021Exploiting GDPR laws to gain access to personal dataThe EU’s data protection mechanism is vulnerable to attack

Say my CNAME

Rise of sneaky adtech tactic poses threat to web security and privacy25 February 2021Say my CNAMERise of sneaky adtech tactic poses threat to web security and privacy

Call for comments

EDPB lays out breach notification guidelines for organizations10 February 2021Call for commentsEDPB lays out breach notification guidelines for organizations

Grindr fined $10m for ‘grave’ GDPR violations

27 January 2021Grindr fined $10m for ‘grave’ GDPR violationsLGBT social networking app reprimanded for ‘take-it-or-leave-it consents’ to sharing sensitive personal data

Penalty notice

Fines against banks for data breaches more than doubled in 202031 December 2020Penalty noticeFines against banks for data breaches more than doubled in 2020

GDPR Down Under?

Australia proposes Privacy Act 1988 reforms inspired by EU privacy legislation18 December 2020GDPR Down Under?Australia proposes Privacy Act 1988 reforms inspired by EU privacy legislation

Swedish university fined $66,000 for GDPR violations

16 December 2020Swedish university fined $66,000 for GDPR violationsUmeå University research group held sensitive information on insecure cloud storage

Healthcare security woes

More than 45 million medical images openly accessible online15 December 2020Healthcare security woesMore than 45 million medical images openly accessible online

Flight Centre flap

Travel agency criticized over coding event that exposed sensitive user data14 December 2020Flight Centre flapTravel agency criticized over coding event that exposed sensitive user data

Unsettled debts

More than half of GDPR fines issued by UK data privacy watchdog remain unpaid04 December 2020Unsettled debtsMore than half of GDPR fines issued by UK data privacy watchdog remain unpaid

New Zealand Privacy Act

Updated data breach legislation comes into effect tomorrow30 November 2020New Zealand Privacy ActUpdated data breach legislation comes into effect tomorrow

GDPaaargh!

Polish university fined $13,000 for breach involving student data17 September 2020GDPaaargh!Polish university fined $13,000 for breach involving student data

Europe falling behind the US and China on cybersecurity funding, expertise

Mikko Hyppönen reflects on the continent’s cyber strengths and shortcomings10 September 2020Europe falling behind the US and China on cybersecurity funding, expertiseMikko Hyppönen reflects on the continent’s cyber strengths and shortcomings

Changes to Japan’s data privacy law echo GDPR

10 September 2020Changes to Japan’s data privacy law echo GDPRRevisions bear welcome similarities to EU’s data protection legislation

Cognitive blind spots

New research exposes gap between perceived security maturity and reality27 July 2020Cognitive blind spotsNew research exposes gap between perceived security maturity and reality

Coronavirus + cybercrime

Germany assumes EU presidency with a strong focus on cybersecurity24 July 2020Coronavirus + cybercrimeGermany assumes EU presidency with a strong focus on cybersecurity

EU-US Privacy Shield data-sharing framework declared invalid by ECJ

Shield’s down16 July 2020EU-US Privacy Shield data-sharing framework declared invalid by ECJShield’s down

WordPress 5.4 lands with enhanced privacy controls

31 March 2020WordPress 5.4 lands with enhanced privacy controlsLatest core release also tweaks login diagnostics for devs

UK breach survey

Organizations becoming more resilient to cyber-attacks26 March 2020UK breach surveyOrganizations becoming more resilient to cyber-attacks

Princess Cruises

Data breach hits shipping company caught in coronavirus epidemic16 March 2020Princess Cruises Data breach hits shipping company caught in coronavirus epidemic