© 2025 CoolTechZone - Latest tech news, product reviews, and analyses.

CNIL: ‘Data breaches are often caused by recurring security flaws’


The Commission Nationale de l'Informatique et des Libertés (CNIL), the French data protection authority (DPA), concludes that most data breaches occur because attackers follow similar operating procedures and exploit the same security flaws.

The French DPA received 5,629 data breach notifications last year, an increase of 20% compared to 2023. These breaches affected over one million people in France.

The privacy supervisor identified several recurring root causes behind these breaches. First of all, the login credentials used by the attackers had been stolen beforehand: a user was fooled by a phishing email, a user agreed to sell his login data to a threat actor, credentials were bought on the dark web, or malware had been installed on a user’s computer.

To reduce these risks, companies should enable multi-factor authentication, systematically provision individual (rather than shared) accounts, and raise employee awareness of cybersecurity.

Another way attackers gained access to corporate networks was by exploiting security vulnerabilities in products such as firewalls or VPN gateways. For this reason, software should always be kept up to date. Furthermore, access to a company’s network should be limited to authenticated devices only.

In addition, CNIL observed that large volumes of data were exposed to attackers because the same data was broadly accessible to employees. In other cases there were no restrictions on executing queries or exporting data, the data had been collected excessively by a third-party provider, or the data had been retained for too long.

In many of the data breaches investigated by CNIL, the French DPA noticed that organizations monitored their network activity poorly or not at all. As a result, in most cases the data theft went unnoticed until the data was offered on the internet.

To prevent future breaches, the privacy supervisor advises real-time analysis of network activity and logs, multi-factor authentication, the principle of least privilege, limits on the storage period, and restrictions on the ability to query or export data.
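The two observations above, that query and export volumes went unrestricted and that exfiltration was not noticed until the data surfaced online, point to the same control: watch per-user data volume in the application logs in near real time. The following is an added example, not code from CNIL or from the article, showing a sliding-window volume detector run over a few constructed log lines. The log format (timestamp, user, action, record count), the 10-minute window, the 5,000-record threshold and the business-hours range are all assumptions chosen for the illustration.

```python
"""Volume-based detection over constructed application access logs.

Flags a user whose cumulative queried/exported record count within a
sliding time window exceeds a threshold, and marks whether the activity
happened outside business hours. Log format, window, threshold and
business hours are assumptions for this example, not a CNIL specification.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (not real data). Assumed format:
# ISO-8601 UTC timestamp, user, action, number of records returned.
SAMPLE_LOG = """\
2025-03-03T09:00:12Z alice query 120
2025-03-03T09:05:40Z alice query 80
2025-03-03T09:30:01Z bob export 500
2025-03-03T02:10:05Z mallory query 4000
2025-03-03T02:11:09Z mallory query 4500
2025-03-03T02:12:30Z mallory export 9000
2025-03-03T11:00:00Z bob query 200
"""


def parse_line(line):
    """Parse one log line into (timestamp, user, action, record_count)."""
    ts, user, action, count = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, action, int(count)


def off_hours(ts, start_hour=7, end_hour=20):
    """True when the event falls outside the assumed business window."""
    return not (start_hour <= ts.hour < end_hour)


def detect_bulk_access(log_text, window=timedelta(minutes=10), max_records=5000):
    """Return one alert dict per user each time their windowed total first
    crosses `max_records`.

    Per-user sliding window: events older than `window` relative to the
    current event are evicted before the running total is compared to the
    threshold. Lines are sorted by timestamp first, so an unordered log
    still produces correct windows. A user is alerted once per excursion
    above the threshold, not once per event, to avoid alert floods.
    """
    events = sorted(parse_line(l) for l in log_text.splitlines() if l.strip())
    windows = defaultdict(deque)   # user -> deque of (timestamp, count)
    totals = defaultdict(int)      # user -> records within current window
    in_alert = set()               # users currently above the threshold
    alerts = []
    for ts, user, action, count in events:
        q = windows[user]
        q.append((ts, count))
        totals[user] += count
        # Evict events that have fallen out of the window.
        while q and ts - q[0][0] > window:
            _, old_count = q.popleft()
            totals[user] -= old_count
        if totals[user] > max_records:
            if user not in in_alert:
                in_alert.add(user)
                alerts.append({
                    "user": user,
                    "at": ts,
                    "records_in_window": totals[user],
                    "off_hours": off_hours(ts),
                })
        else:
            in_alert.discard(user)
    return alerts


if __name__ == "__main__":
    for alert in detect_bulk_access(SAMPLE_LOG):
        print(alert)
```

In the sample log, alice and bob stay well under the threshold (bob's two events are also more than ten minutes apart, so they never share a window), while mallory crosses 5,000 records at 02:11:09 and is flagged once, with the off-hours marker set. In a real deployment the threshold would be derived from observed per-role baselines, and the alert would feed the organization's monitoring pipeline rather than being printed.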
