Number of Reported Data Breaches Fell Significantly in 2024

Silicon Editorial,
Linkedin
Number of Reported Data Breaches Fell Significantly in 2024

In addition to hacker attacks and technical faults, human error—such as incorrect dispatch or data loss—remains a primary cause of data breaches.

The results of the annual survey conducted by dsgvo-portal.de show that the number of data breaches reported in Germany decreased significantly compared to 2023. Even the previous lowest figure of just under 14,000 in 2021 was surpassed in 2024, with just under 8,600 cases.

Bavaria Tops the List of Fines

The total number of fines imposed by German state data protection authorities in 2024 was 266—a decrease of 91 sanctions compared to 2023. Bremen issued the most fines last year, with 73 cases, followed by Hesse with 47 and Thuringia with 38. While the Bavarian State Office topped the list of fines in 2023 with over 4.3 million euros, Hamburg led in 2024 with 900,000 euros. The European total fell from 2.11 billion to 1.22 billion euros.

Overall, 2024 was a much quieter year for German data protection authorities. This is surprising, given the repeated massive security incidents at German companies. For example, the VW subsidiary Cariad attracted attention after detailed data on 800,000 VW Group e-vehicles was discovered on an unprotected web server. It remains to be seen whether fines will be imposed in this and other cases.

Ireland Leads the Way in Europe

It is expected that European court rulings, such as Schrems III in 2025, will bring renewed developments. The situation in 2025 will also be shaped by efforts from European data protection authorities to hold company executives, managing directors, and other members of management personally liable for GDPR breaches.

A comparison with other EU countries shows that while the number of fines imposed in Spain has fallen, the total amount has risen significantly year-on-year to 38.6 million euros. Italy also saw a sharp increase. With 146 fines imposed, both the number and total amount rose to 122 million euros. One reason for this rise is the Italian authority’s crackdown on unlawful telemarketing, exemplified by the 79.1 million euro fine imposed on Enel Energia. Ireland continues to lead the way in Europe, not least due to the 310 million euro fine against LinkedIn.