Saturday , May 24 2025
€530 million

TikTok fined €530 million for sending E.U. Data to China

Ireland’s Data Protection Commission fined TikTok €530 million ($601 million) on Friday for violating data protection laws by transferring European users’ data to China.

“TikTok infringed the GDPR regarding its transfers of EEA [European Economic Area] User Data to China and its transparency requirements,” the DPC said in a statement. “The decision includes administrative fines totaling €530 million and an order requiring TikTok to bring its processing into compliance within 6 months.”

Evaly E-commerce Platform Allegedly Hacked

Evaly, a Bangladeshi e-commerce platform, is reportedly facing a major data breach that may have exposed sensitive information of around...
Read More
Evaly E-commerce Platform Allegedly Hacked

Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges

A passback vulnerability has been found in some Canon printers, including production and multifunction models. If an attacker gains administrative...
Read More
Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges

184 Million Leaked Credentials Discovered in Open Database

Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak...
Read More
184 Million Leaked Credentials Discovered in Open Database

Palo Alto Networks Warns of XSS Flaw: PoC Released

Palo Alto Networks warns a reflected cross-site scripting (XSS) vulnerability, CVE-2025-0133, in the GlobalProtect gateway and portal features of its...
Read More
Palo Alto Networks Warns of XSS Flaw: PoC Released

Pwn2Own Berlin reveals 29 critical vulns in major tech firms

Pwn2Own Berlin 2025, a top cybersecurity contest, awarded $1,078,750 to researchers who discovered 29 zero-day vulnerabilities in various enterprise technologies....
Read More
Pwn2Own Berlin reveals 29 critical vulns in major tech firms

High-Severity Flaw Hits Atlassian Jira Data Center

A recently discovered vulnerability, CVE-2025-22157, threatens organizations using Atlassian’s Jira Core Data Center and Jira Service Management Data Center by...
Read More
High-Severity Flaw Hits Atlassian Jira Data Center

All major mobile networks go down across Spain

A nationwide phone network has gone down in Spain, shortly after blackouts caused chaos and significant financial losses. Emergency services...
Read More
All major mobile networks go down across Spain

Researchers found 200 billion files exposed in cloud buckets

Billions of files, including documents, source code, and backups, are leaking because of misconfigured cloud storage. Cyble, a cybersecurity company...
Read More
Researchers found 200 billion files exposed in cloud buckets

Bank server compromised using customer’s mobile, steal ₹11 crore

Cyber fraudsters hacked the Himachal Pradesh State Cooperative Bank's server using a customer's mobile phone. According to reports, the fraudsters...
Read More
Bank server compromised using customer’s mobile, steal ₹11 crore

“InfoSecCon-2025″ held successfully promising cyber resilience

"InfoSecCon-2025" was successfully held with tremendous audiences with various time demanding topics and keynotes at Dhaka on 16 May- 2025....
Read More
“InfoSecCon-2025″ held successfully promising cyber resilience

The order, in addition, requires the company to suspend data transfers to China within the time period.

The penalty stems from a September 2021 investigation into the company’s transfer of personal data to China and its adherence to strict data protection laws concerning data transfers to other countries.

DPC Deputy Commissioner Graham Doyle commented that TikTok’s transfer of personal data to China violated Article 46(1) of the GDPR because it did not ensure that EEA users’ data received the same privacy protections as in the EU.

Doyle further added that TikTok did not address concerns arising from potential access by Chinese authorities under anti-terrorism and counter-espionage laws in the country and which “materially” diverged from European Union standards.

The DPC criticized TikTok for giving incorrect information during an investigation, claiming it didn’t store EEA users’ data on Chinese servers. However, last month, TikTok revealed that it found an issue in February 2025, confirming that some EEA data had been stored on servers in China.

“Whilst TikTok has informed the DPC that the data has now been deleted, we are considering what further regulatory action may be warranted, in consultation with our peer EU Data Protection Authorities,” Doyle said.

Christine Grahn, TikTok’s head of public policy and government relations for Europe, said the decision failed to take into account Project Clover, a data security initiative aimed at protecting European user data, and that the ruling does not reflect the current safeguards put in place.

“The DPC itself recorded in its report what TikTok has consistently said: it has never received a request for European user data from the Chinese authorities, and has never provided European user data to them,” Grahn said.

This is the second fine levied by the DPC against the ByteDance-owned company. In September 2023, TikTok was handed a €345 million (then about $368 million) fine for violating GDPR laws in relation to its handling of children’s data.

Check Also

Passwordless

Microsoft New Accounts Go Passwordless By Default

Microsoft is focusing on eliminating password-based authentication, promoting passwordless sign-in and sign-up methods instead. For …

Leave a Reply

Your email address will not be published. Required fields are marked *