Austrian Group NOYB Files Complaints Against European Parliament Over Data Breach

Austrian advocacy group NOYB has filed two complaints with the EU privacy watchdog against the European Parliament, accusing it of inadequately safeguarding employees' personal data, the organization announced on Thursday.

Founded by privacy activist Max Schrems, NOYB is representing four employees in response to a data breach on the Parliament's recruiting platform. This breach affected over 8,000 staff members, exposing sensitive documents such as passports, criminal records, and marriage certificates.

NOYB expressed concern that the Parliament was informed of the breach in May but discovered it months later and still does not know its cause. "This breach comes after repeated cybersecurity incidents in EU institutions over the past year," said NOYB data protection lawyer Lorea Mendiguren. The European Parliament has so far been unavailable for comment.

NOYB asserts that the Parliament is failing to comply with the European General Data Protection Regulation (GDPR) and demands the European Data Protection Board (EDPB) to enforce compliance, potentially including financial penalties.

(With inputs from agencies.)