European governments: 3.000 tracking sites, 1.000 phpMyAdmins, and 99% poorly
4 hours ago
- #Cybersecurity
- #Government Transparency
- #Data Privacy
- SecurityBaseline.eu, launched on May 13, 2026, is a spin-off from the Dutch Basisbeveiliging initiative, monitoring security for over 80,000 organizations and 500,000 addresses across the EU and EEA.
- The platform uses traffic light maps (red, orange, green) to visualize security risks across 32 countries, covering 21 metrics and generating 1,827 maps updated daily based on data from 200,000 government domains and 67,000 local governments.
- Key worrisome findings include 3,081 governmental sites illegally using tracking cookies without proper GDPR consent, primarily from vendors like YouTube and Google Ads.
- Over 1,000 database management interfaces (phpMyAdmin) are publicly accessible, posing severe security risks, with no financial contributions from European governments to support the open-source software they depend on.
- 99% of governmental email encryption is inadequate, with only the Netherlands and Denmark showing moderate compliance, highlighting a widespread failure to follow up-to-date TLS security guidelines.
- The initiative emphasizes transparency and aims to empower governments to improve cybersecurity through published data, change processes, and policies, while inviting public support via the Internet Cleanup Foundation.