Data Protection and Privacy News

Six sanctions and 781,200 people affected: the Council's setback to Education for Google Workspace

In Ubrique, frauds are detected with false donations and bank messages in the name of neighborhood associations

The lawyer Bea de Vicente has pointed out that identity thefts of legal entities are increasingly frequent

The Faublogs portal promises jobs in the Prosecutor's Office 2026, but the entity denies their existence

The audiovisual material invites users to apply for supposed professional and technical positions in the Attorney General's Office of the Nation for the year 2026, information that the entity itself has categorically denied

100% of the cartoons created by ChatGPT may include hidden technical metadata in the image

To obtain a caricature, the user initiates a conversation with ChatGPT and requests an image based on their message history. In many cases, the assistant requires a photograph to refine the visual details

Starlink uses personal data of 9 million users to train its artificial intelligence

The updated policy allows Starlink to access contact information, performance metrics, billing data, and, in some cases, communications data such as audio, electronic, or visual information

80% of leaks in Catalonia are due to simple passwords like 123456 or qwerty

According to data provided by the Mossos d'Esquadra and cybersecurity specialists, more than 80% of data breaches originate from overly simple passwords

Personal data breaches in the Valencian Community grew by 28% in 2025

The National Cybersecurity Institute has registered more than 130,000 incidents nationwide in 2025, which represents a 25% increase compared to the previous year

Discover which company leaked your data using aliases in your Gmail address

Some companies automatically eliminate aliases when processing email addresses, which hinders traceability and the tracking of possible leaks

Up to 400 euros daily: this is how the fake job offers on TikTok detected in Catalonia operate

The ads, which have been seen on user profiles in Barcelona, Girona, and Tarragona, include links that redirect to a WhatsApp chat with a foreign number

Europe imposed more than 330 sanctions for data protection in 2025, exceeding 1.15 billion euros

The media, telecommunications, and broadcasting sectors were responsible for more than 80% of the total sanctioned, placing these activities at the center of regulatory oversight

2,765 data breaches reported in Spain in 2025: only 11 cases referred for investigation

In the last year, more than 200 million communications have been sent to individuals affected by breaches considered high-risk

More than 3 provinces affected by fake DGT traffic fines in Catalonia

The emails include links that lead to fake web pages. On these sites, the alleged perpetrators try to obtain personal data, banking information, and passwords from the victims.

90% of teachers use AI in class, but only 48.5% trust data protection

71.6% use these systems primarily for planning and creating materials, while 84% maintain that AI generates more day-to-day work

€2,000 fine for recording patients: clinic sanctioned for camera in the dental office

The camera installed in the cabinet would include image recording during patient treatment in the operating room

300,000 Endesa customer records on the dark web: threat actor announces further leaks

According to Endesa, the intrusion allowed third parties to access sensitive customer information, including identification data, contracts, and in some cases, banking information

2,765 data breach notifications in 2025: one every three hours on average

The breaches that have impacted the largest number of people in 2025 are related to ransomware-type cyber incidents and intrusions into information systems that have allowed the exfiltration of large volumes of personal data

2 complaints in Burgos for false fine collections at homes

In one of the reported cases, an individual presented himself as an official from the General Directorate of Traffic and attempted to collect a fine at the person's home. The DGT does not collect fines at people's homes...

47 public officials from 15 communities affected by personal data breach

Among those affected are top political leaders such as Isabel Díaz Ayuso, Juan Manuel Moreno Bonilla, María Guardiola, Alfonso Fernández Mañueco, Imanol Pradales, Carlos Mazón, María Chivite, and Jorge Azcón

7 out of 10 users in Barcelona interact with AI without knowing it, according to a digital law expert

The integration of Artificial Intelligence into administrative processes and everyday services in Catalonia is irreversible. Naranjo Godoy states that the main challenge is learning to coexist with this technology ...

52% of users in Girona and Tarragona who installed Xuper TV already showed traces of malware

Until January 2026, Endesa did not confirm the scope of the ID and IBAN leak

The leak has exposed sensitive information such as ID numbers, bank IBANs, and customer contact details. Users from various neighborhoods in Barcelona and municipalities in the metropolitan area have reported on social media ...

An algorithm with decision-making power: how far does its influence extend over our rights?

16.3 million records leaked from PcComponentes: National ID numbers, orders, and bank details exposed

The total number of stolen records amounts to 16.3 million, according to information released by the X account of Hackmanac on January 20, 2026. National ID numbers, orders, invoices, physical addresses, contact details, bank card metadata...

Endesa confirms cyberattack: customer ID numbers and bank account numbers affected

The Spanish Consumers' Association asks Endesa to safeguard consumer access to money after yesterday's cyberattack

17.5 million Instagram accounts affected by data sale on the dark web

The stolen data is available for sale on the dark web and can be used for SMS fraud or other forms of digital deception

A TikTok video can install malware that steals bank accounts in seconds

According to the official alert, the identified videos can be found on various platforms, although the most prominent presence has been detected on TikTok

80% less risk of collisions after activating the V-16 beacon in urban areas of Catalonia

The agency clarifies that the General Directorate of Traffic does not access information about who has purchased each beacon. When a driver activates the device in case of breakdown or accident, the beacon only transmits the vehicle's geolocation

160,000 euros: fine for Supera for using fingerprints without complying with the GDPR

European regulations require that any processing of personal data, especially biometric data, be accompanied by measures to prevent unauthorized access and that the consent of the data subject be explicit

90 days after death: key deadline for companies to delete data without request

The law recognizes three fundamental rights for next of kin: access, rectification, and deletion of the deceased's personal data

The tool has already replaced a manual process in several municipal services in Girona since November

The tool automatically identifies names, addresses, and other personal data in both texts and PDF documents

9 out of 10 digital scams in Catalonia use the screen-sharing function to steal bank details

According to the National Police, the alleged criminals contact victims by posing as employees of banks, technical services, or trusted platforms.

Google activates tool to track your data on the Dark Web if you have a personal account

The tool analyzes compromised databases and notifies the user if it finds matches with the information selected for monitoring. A personal Google account is essential to configure the tracking report

LinkedIn and X better protect your privacy than Meta, according to new metric from UC3M and INCIBE

It is fundamental that society pay attention to which databases are storing their information and what protection they offer, as leaks can lead to dangerous practices if systems are not well designed

3 hackers arrested since July for leaking data of high-ranking officials, according to the National Police

The leak bears similarity to the one carried out in September by N4t0x, a minor arrested after disseminating data of Pedro Sánchez and other public officials

TikTok transfers European user data to China, according to the AEPD

In April, Ireland's Data Protection Commission (DPC) fined TikTok €530 million after concluding, in coordination with other national authorities such as the AEPD.

7 out of 10 users interact with AI without knowing it, according to a digital law expert

"When you upload a document, you lose control over it. Nothing is free. That information is usually stored in public clouds and can be reused" - Lorena Naranjo Godoy, UDLA

52% of users in Girona and Tarragona who installed Xuper TV already showed traces of malware

Cybersecurity experts warn that malware hidden in pirated apps like Magis TV and Xuper TV can capture passwords, access bank accounts, and track financial information

Protection of Personal Data: A Fundamental Right in the Digital Age