Telefoncia is a Spanish multinational broadband and telecommunications provider that has suffered a data breach. The attackers exploited a vulnerability which exposed mobile numbers, landline numbers, residential addresses, names, national ID numbers, banks, billing records, and call history of millions of customers. The data is now accessible in CSV format for downloading. The attack is similar to an attack on Spain’s systems that took place in July 2017 which exposed data of customers. This breach has been identified as the largest breach in the telecom history of Spain. Telefoncia may face a fine of €20m (23,280,860 USD) or be asked to turn over 2-4% of their annual turnover due to GDPR.