🎙⏯ RGPD, IA & Cybersécurité : Prochains webinaires et replays 🎙⏯ RGPD, IA & Cybersécurité : Prochains webinaires et replays 🎙⏯ RGPD, IA & Cybersécurité : Prochains webinaires et replays 🎙⏯ RGPD, IA & Cybersécurité : Prochains webinaires et replays
Call us on +(33)4 28 70 91 81
Login

GDPR : CNIL report on data breaches - June 2018

Home CNIL Report Breaches GDPR : CNIL report on data breaches - June 2018

Introduction

In 2018-06, several personal data breaches were reported to CNIL, affecting various business sectors. These incidents highlighted the vulnerability of personal data and the importance of adequate protection.

Sectors concerned

The sectors most affected by data breaches are :
- Accommodation and catering: 176 times
- Specialized, scientific and technical activities: 30 times
- Financial and insurance activities: 15 times
- Information and communication: 14 times
- Administrative and support service activities: 12 times
- Public administration: 12 times
- Trade; repair of motor vehicles and motorcycles: 11 times
- Human health and social work: 10 times
- Education: 9 times
- Arts, entertainment and recreation: 8 times
- Manufacturing industry: 7 times
- Real estate: 5 times
- Other service activities: 4 times
- Transportation and warehousing: 2 times
- Water production and distribution; sewerage, waste management and remediation: 2 times
- Production and distribution of electricity, gas, steam and air conditioning: 2 times
- Construction: 1 time
- Agriculture, forestry and fishing: 1 time

Nature of violations

The types of breaches encountered this month are :
- Loss of confidentiality: 311 times
- Loss of availability: 15 times
- Loss of integrity: 15 times

Number of people affected

The number of people affected by these incidents is distributed as follows:
- Between 301 and 5000 people: 135 times
- Between 51 and 300 people: 85 times
- Between 6 and 50 people: 42 times
- Over 5000 people: 30 times
- Between 0 and 5 people: 29 times

Types of data affected

The types of data affected by the breaches are :
- Marital status (e.g. name: 259 times
- gender: 259 times
- date of birth: 259 times
- age...): 259 times
- Contact details (e.g. postal or e-mail address: 242 times
- landline or cell phone numbers...): 242 times
- Financial information (e.g. income: 184 times
- credit card number: 184 times
- bank details): 184 times
- economic data: 184 times
- Official documents (passports: 18 times
- identity documents: 18 times
- etc.): 18 times
- Identification or access data (e.g. login: 44 times
- password: 44 times
- customer number...): 44 times
- The violation concerns other data: 104 times
- Data involved not known at present: 16 times
- Data relating to offenses: 7 times
- convictions: 7 times
- security measures: 7 times
- Location data: 13 times
- NIR (Registration Number): 16 times

Origins of incidents

The main causes of these violations are :
- Lost or stolen equipment: 17 times
- Hacking: 241 times
- Malware (e.g. ransomware) and/or phishing: 241 times
- Inadvertent publication of information: 19 times
- Personal data sent to the wrong recipient: 17 times
- Lost paper: 5 times
- Stolen or left accessible in an unsecured place: 5 times
- Other: 29 times
- Personal information disclosed verbally: 4 times
- Wrong person's data displayed on customer portal: 7 times
- Mail lost or opened before being returned to sender: 1 times

Conclusion

Data Comply One (formerly Mission GDPR) offers a complete solution for complying with the GDPR thanks to its GDPR Software, DPO Coach, and outsourced DPO services. These tools help prevent data breaches by guaranteeing the security and compliance of processing practices. We invite you to use our free Diag GDPR tool to assess your company's compliance.

Consult the CNIL interactive map to find out more.
For more information on CNIL notifications and follow-up.
Data on CNIL notifications.

Other articles
on the same subject