Antivirus company transferred pseudonymized browsing data to subsidiary Jumpshot without adequate anonymization.
The Czech Office for Personal Data Protection issued a final and binding decision imposing a fine of 351 million CZK on Avast Software s.r.o. for unlawful GDPR violations. The DPA found that Avast transferred pseudonymized internet browsing history tied to unique identifiers from approximately 100 million users to its subsidiary Jumpshot during 2019, despite informing users the data was anonymous for trend analytics. The DPA determined the data was not properly anonymised and could be re-identified, and the processing purpose extended beyond the claimed statistical analytics.
Sources
Czech DPA Fines Avast 351M CZK for GDPR Breach
More from Data Privacy & Cybersecurity Browse all →
CISA and CERT-Bund Issue Three Advisories on Actively Exploited Apache ActiveMQ Flaws
CISA added two Apache ActiveMQ CVEs to its Known Exploited Vulnerabilities catalog citing active exploitation, while CERT-Bund simultaneously disclosed additional flaws in the software. The vulnerabilities allow authenticated attackers to achieve remote code execution through the Jolokia JMX-HTTP bridge.
April 23, 2026
Adobe Acrobat Zero-Day Under Active Exploitation, Three Agencies Warn
CVE-2026-34621, a critical Adobe Acrobat vulnerability allowing arbitrary code execution, is under active exploitation according to advisories from CSA Singapore, CERT-FR, and CISA. The agencies added multiple Adobe CVEs to exploit catalogs, signaling a coordinated attack campaign targeting unpatched systems.
April 18, 2026
CISA Warns Critical ICS Flaws Expose SQL Credentials in Mitsubishi, ICONICS Products
Vulnerabilities in industrial control software used by water, energy, and manufacturing sectors could let hackers steal database passwords
April 13, 2026
Russian APT28 Hijacks Routers to Steal Government Passwords
UK intelligence exposes GRU unit 26165 using router DNS manipulation to harvest credentials at scale
April 12, 2026
Get the briefing in your inbox
The top regulatory stories, delivered daily. No noise.
Free. Unsubscribe anytime.