On 9 December 2020, The Data Protection Commission (DPC) announced its final decision regarding the investigation conducted regarding Twitter's violation of its obligations to report data breaches in conformity with the General Data Protection Regulation (GDPR). The inquiry started on 22 January 2019, after the agency received notification of a data breach from Twitter and found that the company infringed Article 33 of the GDPR. Specifically, Twitter failed to adequately document the breach and inform the DPC on time about the breach. The DPC decided to impose an administrative fine of €450,000 following the directions of the European Data Protection Board.
Original source