French Data Protection Authority Fines France Travail €5 Million for GDPR Violations Following Data Breach

The French data protection authority, CNIL, has imposed a €5 million fine on France Travail (formerly Pôle Emploi) for failures in managing a data breach that occurred in 2024. The penalty stems from violations of the GDPR, particularly an inadequate response to the incident. No additional technical details (such as the attack method or volume of exposed data) or a detailed impact assessment were provided.