Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Lower Saxony: LfD Niedersachsen issues warning letters to 20 companies for closing security gaps

On June 14, 2024, the Lower Saxony data protection authority (LfD Niedersachsen) announced that it had issued warning letters to 20 unnamed companies for violation of the General Data Protection Regulation (GDPR).

Background to the decision

The LfD Niedersachsen noted that it conducted an unsolicited audit on the companies.


The LfD Niedersachsen discovered security gaps in the companies' Microsoft Corporation, Inc.'s Exchange servers and informed them of this discovery, noting possible supervisory measures if the security gaps were not closed. The LfD Niedersachsen issued a final warning to the companies concerned, pointing out that they had violated Article 32 of the GDPR.


All companies contacted by the LfD Niedersachsen closed the security gaps after receiving the letter, and therefore further measures were not necessary.

You can read the press release, only available in German, here.