In May 2014, eBay announced that it had fallen victim to a cyber-attack. It stated that a large database of passwords and non-financial personal data had been compromised and advised users to change their passwords.
eBay has subsequently been blamed by the Luxembourg data protection authority, the Commission Nationale pour la Protection des Données ("CNPD"), for mishandling the data breach and failing to adequately notify its clients. The question therefore arises whether there is a better way to deal with a data breach in Luxembourg, and if so, how.
Read more in our newsletter.