Demo Free trial Request quote Contact me
GDPR fines are growing - the leaks continue
It’s been over a year since GDPR was introduced through local legislation throughout the entire EU. But what has happened so far, looking from a security perspective? Clearly, there is still much to be done to increase security and reduce leaks.
By Stefan Thelberg Topics: GDPR, General Data Protection Regulation, Hacker attacks

The Marriot hotel chain risks a million dollar fine for leaking half a billion personal data records. British Airways faces $230 million fines after hackers gained access to 380,000 travelers sensitive personal data, including their credit card details. In June, the official figures was just over 40 million personal data records leaked around Europe (see summary of the leakage).

On July 22, Bulgarian media received an email from a Russian source. According to the sender, they had received a large amount of information about Bulgarian citizens from the NRA, the country's tax authority, several months before. According to the media, the personal information is now out on hacker forums. Siren Hofvander, IT security consultant at Cybercom, believes that it is only a matter of time before this happens in Sweden and other countries as well.

So how should one proceed in working with GDPR when the relationship can be perceived as counterproductive. After all, your organization is not directly rewarded for doing a really good job related to GDPR.

“The investment done in relation to GDPR works just like any other investment. If it’s not a good ROI, it will go out of focus. In these cases managing personal data will become more unsafe over time. So the most important task for the regulators, one year after its introduction, is to powerfully and consistently combat violations of the GDPR. Not just to punish the organization in question, but rather to show the ones who invested time and money in complying with GDPR that they made a really good investment. Stopping negligence and lack of security will have a preventive effect, which will reduce the leakage and thereby reduce the risks for each individual. ”, says Stefan Thelberg, CEO and security expert at Holm Security.

Read more

List of data breaches and cyber attacks in June 2019 ­– 39.7 million records leaked (external link):
Marriott faces over $1M in GDPR fines (external link in Swedish):
British Airways may be fined $2M for GDPR breach (external link in Swedish):
The Bulgarian leak: "Only a matter of time before it happens in Sweden" (external link in Swedish):
About the author
Founder and CEO of Holm Security. Stefan is one of Sweden's most prominent cyber security entrepreneurs, previously founded the Swedish Webhosting Group and Stay Secure. Stay Secure was the largest email security provider in northern Europe. He has worked with sales of IT security products towards the private and public sector for close to 20 years.

Stefan Thelberg
+46 (0)739-99 33 12