In order to raise awareness of data controllers and processors, the CNPD shared its first feedback on the violations that have been notified since May 25, 2018, when the GDPR entered into application.
The CNPD has stated that it has received 97 notifications of data breaches from May 25, 2018 to September 27, 2018.
The CNPD has specified the sources of these violations as:
- 56% results from non-malicious internal act;
- 36% results from malicious external act;
- 2% is the result of malicious internal act;
- 6% other.
The Luxembourg supervisory authority also explained that a third of incidents are linked to accidents in the context of sendinge-mails and that a quarter of the incidents are linked to external piracy or hacking.