The top two data breaches in history, measured by the number of affected users, are Yahoo in 2013 (3 billion users) and FriendFinder in 2016 (412 million users). Joining this list at number three, as of March 2018, is MyFitnessPal, with 150 million affected users.
MyFitnessPal data breach
Since the breach was first disclosed on March 29th, Under Armour—the parent company of MyFitnessPal—hasn’t revealed any details about how the breach happened. It has confirmed that the breached data includes over 150 million users’ usernames, personal email addresses, and scrambled passwords. Since the breach exposed highly sensitive data, Under Armour has started notifying users to change their password.
The need for the GDPR
This incident with MyFitnessPal serves as a reminder that the General Data Protection Regulation (GDPR) is more essential now than ever. The GDPR contains a set of strict requirements for security and privacy that will come into full effect on May 25, 2018. With the GDPR, all personal data is important.
How the GDPR aims to end data security negligence
The GDPR’s strict requirements and huge non-compliance penalties make it stand out from all other regulations in the industry. When the GDPR goes into effect, any organization that processes the personal data of EU citizens, or monitors the behavior of EU data subjects, will have to comply with its requirements or risk paying penalties of up to €20 million or four percent of their global annual turnover, whichever is higher.
The GDPR aims to provide individuals with more control over how their personal data is handled by enterprises. It mandates that organizations enhance their security strategies to ensure data security at all levels, as well as prepare an outline of post-breach strategies to minimize the impact of an attack.
With only 50 days left before the implementation of the GDPR, it’s high time that enterprises collecting and processing the personal data of EU citizens take the appropriate steps to comply with the GDPR. To simplify your journey to GDPR compliance, we’re offering several free resources.