European businesses, both private and public, have reported 59,000 data breach notifications since the General Data Protection Regulation (GDPR) kicked off late last May.
This is according to a new report by DLA Piper, which found that the UK alone reported 10,600 breaches, while the Netherlands topped the table with 15,400 reports. At the other end of the spectrum is Lichtenstein with a total of 15 reports.
The Netherlands have had most data breaches per capita – 89.8 per 100,000 people. The UK ranks tenth on this table, while Greece ranks lowest.
According to DLA Partner Ross McKean, GDPR is ‘driving personal data breach out into the open’.
Since GDPR came into force on May 25 last year, a total of 91 fines have been reported. Not all relate to data breaches, though. The highest fine so far is €50 million, made against Google (although Google is currently appealing the decision).
"The regulators have already started to flex their muscles with 91 GDPR fines imposed to date but the fine against Google is a landmark moment and is notable partly because it is not related to personal data breach,” commented Sam Millar, a partner at DLA Piper specialising in cyber and large scale investigations.
“We anticipate that regulators will treat data breach more harshly by imposing higher fines given the more acute risk of harm to individuals. We can expect more fines to follow over the coming year as the regulators clear the backlog of notifications."
The DLA Piper’s full report can be found here (opens in new tab).
Image Credit: Balefire / Shutterstock