TikTok: EU issued over €1.2bn in GDPR fines in 2025 as multiple data breaches bite

GDPR Fines Hit €1.2 Billion in 2025 as Data Breach Reports Surge 22%

European regulators imposed over €1.2 billion ($1.4 billion) in GDPR fines in 2025, a slight increase from the previous year, even as personal data breach notifications jumped 22% year-over-year. According to a report by DLA Piper, regulators processed an average of 443 breach reports daily the first time notifications exceeded 400 per day since GDPR’s implementation.

The rise in breaches is attributed to multiple factors, including geopolitical tensions, the proliferation of new attack tools for cybercriminals, and stricter incident reporting laws. While enforcement remained concentrated, Ireland led GDPR penalties, issuing the largest fine of 2025 a €530 million penalty against TikTok. The country also holds the record for the highest-ever GDPR fine, a €1.2 billion fine against Meta in 2023, and has accounted for €4.04 billion in total fines since the regulation took effect.

Big Tech remained a primary target, with nine of the ten largest GDPR fines levied against major technology companies. Regulators continued to focus on information security, data transfers, transparency, and the intersection of AI and privacy laws, signaling sustained scrutiny in these areas.

Source: https://www.techradar.com/pro/eu-issued-over-eur1-2bn-in-gdpr-fines-in-2025-as-multiple-data-breaches-bite

TikTok cybersecurity rating report: https://www.rankiteo.com/company/tiktok

"id": "TIK1769168089",
"linkid": "tiktok",
"type": "Breach",
"date": "6/2023",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'industry': 'Social Media',
                        'location': 'Ireland',
                        'name': 'TikTok',
                        'type': 'Technology Company'},
                       {'industry': 'Social Media',
                        'location': 'Ireland',
                        'name': 'Meta',
                        'type': 'Technology Company'}],
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Personal data'},
 'date_publicly_disclosed': '2025',
 'description': 'European regulators imposed over €1.2 billion in GDPR fines '
                'in 2025, with personal data breach notifications increasing '
                'by 22% year-over-year. The rise in breaches is attributed to '
                'geopolitical tensions, new attack tools, and stricter '
                'incident reporting laws. Ireland led GDPR penalties with a '
                '€530 million fine against TikTok.',
 'impact': {'data_compromised': 'Personal data',
            'financial_loss': '€1.2 billion in GDPR fines',
            'legal_liabilities': 'GDPR fines and regulatory actions'},
 'post_incident_analysis': {'root_causes': ['Geopolitical tensions',
                                            'Proliferation of new attack tools',
                                            'Stricter incident reporting '
                                            'laws']},
 'references': [{'source': 'DLA Piper'}],
 'regulatory_compliance': {'fines_imposed': '€1.2 billion',
                           'regulations_violated': ['GDPR'],
                           'regulatory_notifications': '443 breach reports '
                                                       'daily'},
 'title': 'GDPR Fines and Data Breach Surge in 2025',
 'type': 'Data Breach'}