Internet Security Center
Total Tests:
This Week:
Today:
Cybercrime Investigations Weekly
A US Federal Contractor Linked To The $46M Crypto Theft Arrested
March 12, 2026
Finnish Psychotherapy Center Hacker Gets Nearly 7 Years In Prison
March 5, 2026
Former Exec Gets 7+ Years For Selling Hacking Tools To Russian Exploit Broker
February 26, 2026
Spanish Police Arrest A Man For Allegedly Booking Luxury Hotel Rooms For One Cent
February 19, 2026
Former US DOD Employee Faces Up To 100 Years In Prison For Aiding Nigerian Scammers
February 12, 2026
Stay in Touch

Get the latest updates, weekly insights, and invites to webinars and events.


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

Experian Fined €2.7m For GDPR Breach in Netherlands

Infosecurity Magazine
By Alessandro Mascellino for Infosecurity Magazine
Monday, October 20, 2025

Experian’s creditworthiness reports included information such as payment behavior, outstanding debts and bankruptcies. These reports were used by clients to determine contract terms or deposit amounts. Individuals with lower scores often faced stricter conditions or additional costs.

Ilia Kolochenko, CEO at ImmuniWeb and a Fellow at the British Computer Society (BCS), said the number of affected people could be significant.

“While the total number of affected EU residents, whose personal data was processed by Experian, remains unknown in this specific incident, we are likely talking about many millions,” he said.

Kolochenko noted that in the UK, Experian “collected information about as many as 51 million British residents,” suggesting that a comparable scale in the EU “is easy to estimate.”

He added that “the personal data in question is highly sensitive, even if not expressly labeled as such by the blank ink of GDPR,” and that its misuse could “cause long-lasting and material damage.”

According to Kolochenko, “the Dutch DPA’s fine seems to be surprisingly mild and lenient,” and further legal action is likely, including “private lawsuits for both material and non-material damages.”

Experian acknowledged the violations and said it would not appeal the fine. The company has stopped operating in the Netherlands and plans to delete its entire database of personal information by the end of the year. Read Full Article


Previous Media Publications:

Identity Week: Experian GDPR fine

Le Monde Informatique: F5 Networks enquête tous azimuts après une cyberattaque sophistiquée

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Ask a Question