Data Breach GDPR Requests

Meta has been involved in multiple major data incidents affecting hundreds of millions of EU residents. Under GDPR, you have the right to find out exactly what data they hold — and to request its deletion.

LinkedIn has suffered multiple large-scale data incidents. The 2021 scraping breach exposed the data of approximately 700 million users — around 92% of LinkedIn's total user base at the time.

Twitter (now X) has experienced multiple data incidents since 2022, exposing private contact details of millions of users. EU residents have full GDPR rights over data held by Twitter International in Dublin.

Uber suffered a major data breach in 2016 that exposed the personal data of 57 million riders and drivers — and then paid hackers to hide it. The cover-up was only revealed in 2017. EU residents can demand to know exactly what Uber still holds.

TikTok has been under sustained regulatory scrutiny across Europe for collecting extensive personal data, processing children's data without consent, and transferring EU user data to servers in China accessible to ByteDance employees.

Marriott International suffered one of the largest ever hotel data breaches — a compromise of the Starwood reservation system that ran undetected from 2014 to 2018 and exposed up to 500 million guest records.

LastPass suffered a serious two-stage breach in 2022: first, attackers stole source code in August; then in December, they accessed customer data including encrypted password vaults. Every LastPass customer's data was potentially exposed.