Data Protection Academy » Data Protection News » Examples of data breaches

Examples of data breaches

Examples of data breaches

What happens in data protection

According to Article 33 GDPR data breaches, or so-called "personal data breaches", must be reported to the supervisory authority. In this category Robin Data publishes current data breaches to raise awareness. Because if you neglect the topic of Data protectionyou could be subject to heavy fines.

To the Wiki article on data breaches

Data breach Microsoft customer records leaked

In December 2019, 250 million support requests to Microsoft were available online for two days. Security researchers reported the data breach to Microsoft.

Massive data breach at car rental company Buchbinder

Over 2.5 million German customers affected. High potential for abuse, use your right to information and ask if you are affected.

British government published private addresses of stars

The British government publishes the addresses of around 1000 celebrities, politicians and private individuals who receive the traditional New Year's honours.

Data breach at Phoenix: sensitive data sent by pharmacies

An employee unintentionally sent delivery and turnover data of 211 pharmacies by fax. Data protection officers were involved.

Data failure in the district office Coburg

Allegedly deleted data on a hard drive came into circulation: Some 12,000 documents, e-mails and passwords were released.

Data breach employees fashion house H&M

The Swedish fashion house H&M is accused of having sounded out its employees. This also involved sensitive health data.

Data breakdown frequent flyer programme Miles & More

Lufthansa's frequent flyer programme confirms data breakdown. Thousands of users had access to foreign profiles.

Data breach patient data sent to wrong recipient

Nationwide NDR survey revealed that patient data is sent to the wrong recipients. Now data protection is threatened with a fine.

Data breach in medical practice: patient data online

Patient data of a medical practice publicly accessible for several months. The reason was a weakness of the router used.

Data breach at UniCredit

The Italian bank UniCredit is the victim of a hacker attack. Around three million names, e-mail addresses and telephone numbers were captured.

Data breach at Adobe

Due to a security vulnerability, 7.5 million data of users of the Creative Cloud were publicly accessible. Read what you should be aware of now.

Data breach at Mercedes Benz

Several customers of the application Mercedes-Me got temporarily the data of other users displayed. Only customers from the USA were affected.

30.000 Euro fine for defective cookie banner

Shortly after the ruling of the European Court of Justice, the Spanish regulatory authority imposed the first fine on the airline Vueling.

Data breach and fine for Greek company

The Greek data protection authority has imposed a fine of EUR 200 000 on the telecommunications operator OTE.

Data breach at the city council of Magdeburg

The cause is the failure of computer programs. No personal data has been passed on to third parties, the data protection commissioner of the state of Saxony-Anhalt has been informed.

Data breach at Deutsche Bahn

In front of the Düsseldorf airport train station several boxes of files were found, which contained data of employees and passengers.

Data breach: police headquarters Neubrandenburg

Police officer confuses e-mail address with press distribution list and sends to 158 media representatives at the request of a private individual.

Data breach in Ecuador

Personal data of 17 million people from Ecuador published online on servers of Elasticsearch Also included was information about Wikileaks founder Julian Assange.

Data breach: health data

Highly sensitive medical data stored worldwide on servers without password protection The approximately 16 million data records come from 50 countries worldwide. In Germany, 13,000 patients are affected.

Data range Facebook phone numbers

Around 420 million data records, including telephone numbers of Facebook users, primarily from the USA, Great Britain and Vietnam, were freely accessible on the Internet.

Apple IPhone data failure

Apple's IPhones could apparently be spied on for more than 2 years. For example, a woman claiming to be Chinese spyware...

Swiss health insurance company sends statements incorrectly

Once again, CSS billing data has been sent to the wrong customers via the online portal of the Swiss health insurance company.

Data failure Bavarian Red Cross

The State Office for Data Protection Supervision has started investigations against the BRK regarding a possible transfer of health data to Facebook.

Data breakdown school Sweden

The Swedish Data Protection Agency imposes its first fine for GDPR violation on a school in Skelleftea.

Data breach Mastercard

Data such as mobile phone numbers, addresses and birthdays of almost 90,000 customers of the bonus program Priceless Specials have appeared on the Internet.

Data protection breakdown affects police officers

Data breakdown at the police in Thuringia. In the Unstrut-Hainich office, personal data of 134 police officers were transmitted unencrypted.

Data breach Biometric data

Serious data breach at Suprema, the Korean security solutions manufacturer. Fingerprint and facial recognition data was publicly available.

Plauen District Office Office Protection of the Constitution

Personal data of citizens who registered for meetings were reported. A violation of data protection and freedom of assembly.

Twitter user data advertisers

Information on the country code and whether and when ads were viewed was passed on. According to Twitter, the data mishap was fixed on 05.08.2019.

Datenpanne Spielemesse E3

The list contained 2000 records of trade visitors. Journalist Sophia Narwitz drew attention to the data discrepancy in a YouTube video.

100 million records stolen from US bank

Most of the data captured by a hacker attack originates from credit card applications and existing credit cards of the bank's customers.

Security incident in hospital IT

As a result, data was encrypted by the malware and hospital operations were significantly impaired.

Facebook fine $5 billion

The unauthorised processing of Facebook user data by Cambridge Analytica resulted in financial fines and structural changes.

Data breach on Facebook Messenger for kids

Facebook Messenger Kids allows kids to chat with parent-approved users. A technical error made it possible to chat with strangers.

Data breach at the city of Winsen

For eight months, a list of persons banned from the official building was publicly available on the website.

Data breach at the Gütersloh Job Center

Data breakdown at the Gütersloh Job Center: unshredded files were disposed of in blue paper bins and were accessible to everyone.

Massive data breach at the Russian secret service

Data leak at the Russian secret service FSB: Hackers are said to have stolen data on current projects and operations from the Moscow spy agency.

Data leak at petition platform WeAct

According to the operator of a petition platform Campact, lists of signatories were publicly accessible due to a technical error.

Dutch fine against hospital

The Dutch supervisory authority imposed a fine on Haga Hospital for insufficient security of patient records.

Data breach at LKA Lower Saxony

Already on 08.05.2019, a briefcase containing highly sensitive information is said to have been stolen from a private car by an official of the LKA.

110 million Euro fine for Marriott hotel chain

At the end of 2018 a hacker attack on the hotel chain became known. Presumably 339 million customer data were compromised.

15.000€ for hotel because of photographed breakfast list

15,000 euros for a hotel in Romania because a third party photographed and published online a list with data of 46 hotel guests.

Hackers steal customer data in medium-sized businesses

Automated hacker attack presumably from abroad, 221,000 captured customer data.

25,000 patient files found in empty building

25,000 patient files found in a vacant clinic building.

Fines enforced to date by supervisory authorities

These fines were enforced by regulatory authorities. Learn what went wrong and what you can do better yourself.

Theft of customer data craft enterprise

On 30 January 2019 a goldsmith was brutally attacked in Halle (Saale). In addition to the jewellery, the robbers also captured contact details of numerous customers.

Google stores location data of Android users

Google stores location data of Android users - even if you have to assume that this is not actually done.

Customer data visible at Amazon

Amazon makes email addresses in Europe and the USA visible.

Salary data of a social club published

Authority loses social data of an association. Personal information accessible via the Internet should be placed securely online.

Data breach at the FDP Saxony

Party sends false member data.

This might interest you too:

GDPR infringements are punished with heavy fines. Find out which data protection infringements are suspected and secure yourself.
The telecommunications operator was found to be involved in unlawful processing for marketing purposes. millions of people were affected.
120.000 € because the security of the app "Skolemelding" for communication between school staff, parents and pupils was not guaranteed.

Caroline Schwabe
Latest posts by Caroline Schwabe (see all)

Recent Comments