Italy: Announced GPDP investigation into CrowdStrike regarding effects of IT blackout

On 23 July 2024, the Italian Guarantor for the Protection of Personal Data (GPDP) announced an investigation into the cybersecurity company CrowdStrike. The investigation focuses on the potential impact of a recent IT system blackout on users' personal data, particularly in relation to public services. The incident, reportedly caused by a malfunction in CrowdStrike's security software, has disrupted numerous online services. GPDP may take further action if specific violations are identified.