Tristan Terlouw – Digital Marketing Strategy Nixon
28 July 2022
Data leaks are in the news more and more often. Whether in government, in a hospital or at a web shop, every organization has to deal with them. The Dutch Data Protection Authority received about 24,000 reports of data breaches last year, and the number of hacking, malware or phishing incidents increased by 30%. But what exactly is a data breach?
Under the privacy law, or GDPR, a data breach occurs when a third party has gained unauthorized access to sensitive personal data such as credit card numbers, bank account details and health information. The most common examples of data breaches are:
A data breach must be reported to the Data Protection Authority (DPA) within 72 hours of its discovery. The affected company must determine what data has been released, ensure that the breach has been stopped, and inform affected customers about their leaked data.
When a data breach has been reported on time, there are no further problems to worry about. However, if security is not in order and the data leak has been reported too late, this can lead to an investigation and a fine for insufficient security. Reporting late with a poorly secured website can lead to a fine of up to ten million euros or 2% of the organization’s annual global turnover.
In the coming years, the amount of data will grow even further. As more information moves to the cloud, cyberattacks will become more common. Employees need to know what a data breach is, what to do if they come across one, and what the possible consequences of not reporting it to the Data Protection Authority may be.