European companies suffer 60,000 data breaches in eight months
More than 59,000 data breaches have been reported across Europe since data protection laws were brought in last year, new figures have revealed.
The Netherlands, Germany and the UK topped the list of the most reported breaches in the eight months since new GDPR laws came into force, according to law firm DLA Piper.
Read more: Google hit with €50m fine by French data regulator in GDPR battle
The breaches, which range from minor errors such as missent emails to major cyber hacks, were reported by public and private organisations in the 26 European countries where data is available.
The Netherlands has experienced the highest number of breaches for its population size, with 89.8 reported for every 100,000 people. Liechtenstein, Iceland and Cyprus have so far flagged only a handful of breaches.
The latest survey exceeds figures released last month by the European Commission, which stated 41,502 breaches had been reported over the same period.
Ross McKean, partner at DLA Piper, said: “The GDPR completely changes the compliance risk for organisations which suffer a personal data breach due to revenue based fines and the potential for US-style group litigation claims for compensation.
“As we saw in the US when mandatory breach notification laws came into force, backed up by tough sanctions for not notifying, the GDPR is driving personal data breach out into the open.”
Read more: Six thoughts on GDPR six months after it was introduced
So far 91 fines have been handed down relating to data breaches. Last month the French data regulator issued a €50m (£43.7m) to Google for breaking EU rules on consumer data protection.
In 2017 DLA Piper was itself hit by a cyber attack, with employees’ access to emails and documents blocked following an infection by ransomware NotPetya.
Research by insurance governance company Mactavish has revealed the majority of cyber insurance policies are flawed and may not pay out in the event of a data breach or hack.