Personal data breaches March: more than 50% were of internal origin


News on cybersecurity, data protection and software solutions.

Personal data breaches March: more than 50% were of internal origin

27 Apr, 22

Brechas de datos personales marzo: más del 50% fueron de origen interno

As it does every month, the AEPD publishes its Personal Data Breach Notification Report. Upon analysis, we determined that more than 50% of the personal data breaches in March were of internal origin.

This means that it is the employees themselves and the companies’ security protocols that cause most of the personal data breaches, and even more importantly: they could easily have been prevented.

Origin of personal data breaches

  • Internal, accidental or malicious > 55.5%
  • External > 36%
  • Unknown > 8.5% 8.5%

How personal data breaches occurred

  • Cyber incident: Unauthorized access to data on SI > 20%.
  • Cyberincident: Phishing > 18%
  • Cyber incident: Encrypted device / information hijacking > 15%.
  • Lost or stolen documentation > 10%
  • Lost or stolen device > 8.5%
  • Personal data shown to the incorrect individual > 5.5%
  • Data sent in error (postal or electronically) > 4%.
  • Sending email to multiple recipients without BCC > 4%.
  • Technical incidence > 4%.
  • Abuse of access privileges > 3%.
  • Others > 8.5%.

Avoid most personal data breaches with ET Seguridad

Human error, overconfidence, abuse of privileges and insufficient security measures are among the main causes:

  • Phishing cyber incidents can be avoided by training your professionals in cybersecurity protocols.
  • Unauthorized access and abuse of privileges can be controlled and logged with monitoring software (ET Seguridad).
  • In the event of information hijacking, the only 100% secure guarantee is a good backup system (ET Backup).
  • If the entire organization preventively encrypts any personal information, it will be protected against theft, hijacking, loss and misdirection (ET Encrypt) and it will not be obliged to notify the AEPD (Spanish Data Protection Agency).


Get ET Seguridad at a special price

Request your personalized offer and start applying all these digital security measures. Get complete GDPR security.


If you do not have adequate security measures in place, it is a matter of probability that a personal data breach will occur in your business sooner or later.

ET Seguridad includes ET Encrypt, and is a global solution to comply with most of the security measures required by GDPR.

Take off your blindfold and contact us for a no-obligation review of your computer network. We will propose a solution tailored to your needs.


Submit a Comment

Your email address will not be published.

Related posts