Turkiye's Personal Data Protection Board (KVKK) has imposed a 2 million lira fine on Amazon.com's gaming platform Twitch following a substantial data breach, which saw a massive 125 GB of data leaked.Â
Breaking down the penalties, the Board levied a 1.75 million lira fine for inadequate security measures and an additional 250,000 lira for Twitch's failure to report the breach promptly. These amounts round up to roughly US $58,000.Â
The huge security incident affected 35,274 individuals in Turkiye, underscoring the vulnerabilities in Twitch's data protection measures, according to Anadolu Agency, cited by Reuters.Â
KVKK's investigation revealed Twitch's failure to implement adequate security protocols prior to the breach and highlighted insufficient risk and threat assessments.Â
The repercussions of this breach may influence not only Twitch but also similar platforms to reassess and fortify their cybersecurity infrastructure to prevent future incidents.Â
Failing to report security incidents promptly and not implementing adequate measures to prevent unauthorized access to sensitive data led CFIUS to conclude T-Mobile’s data breaches harmed the U.S. national security interests and levy an unprecedented $60 million fine, the largest penalty imposed by CFIUS to date.
In other news, software firm Advanced could be issued a £6.09 million ($7.75 million) fine for the NHS data breach after an investigation revealed the NHS vendor did not properly secure the information stolen in the August 2022 LockBit ransomware attack.
Recently, the Irish Data Protection Commission (DPC) has levied a €310 million fine on recruitment website LinkedIn for breaching the EU's General Data Protection Regulation (GDPR), in one of the most substantial penalties in GDPR's enforcement history.