Organisation have had it easy for some time. Data breaches are increasingly being addressed with penalties backed by GDPR legislation. Some noted fines are:
- British Airways was fined $328M.
- Facebook fined $5B for Cambridge Analytica data theft.
- $99M for Marriott Hotel
In Australia, the OAIC reports that it received 812 privacy complaints in 2018.
|2019 Bulgarian revenue agency hack||over 5,000,000||government||hacked|
|540,000,000||social network||poor security|
|1,500,000||social network||accidentally uploaded|
|First American Corporation||885,000,000||financial service company||poor security|
|Health Sciences Authority (Singapore)||808,000||healthcare||poor security|
|Justdial||100,000,000||local search||unprotected api|
|Ministry of Health (Singapore)||14,200||healthcare||poor security/inside job|
|Quest Diagnostics||11,900,000||Clinical Laboratory||poor security|
|Woodruff Arts Center||unknown||arts group||poor security|
|Australian National University||19 years of data||academic||hacked|
Here are a few links to fines noted.