On December 15, 2020, the Irish Data Protection Commission (DPC) announced a conclusion to an investigation surrounding a January 2019 Twitter data breach, in which the DPC alleged the social media giant violated Article 33 of the General Data Protection Regulation (GDPR) by failing to report the data breach to the DPC within 72 hours and failing to properly document the breach.
Twitter was fined €450,000, or approximately $547,204.50, for the GDPR violations.