Online reservation Website Booking.com has been fined €475,000 (U.S. $557,000) by the Dutch Data Protection Authority for reporting a data breach 22 days later than the 72 hours required under the EU’s General Data Protection Regulation (GDPR).
The fine, announced Wednesday, is the Netherlands’ eighth under the GDPR so far. It surpasses Ireland’s €450,000 sanction against Twitter for similarly failing to report on time a data breach.
