Details:
| Summary | The Cypriot DPA has imposed a fine of EUR 5,000 on the Cypriot Ministry of Defense. The controller had suffered a cyber attack which, according to the DPA, had been caused due to a lack of technical and organizational measures for the protection of personal data and a lack of supervision of a processor. |
| Link: | link |
| Related articles: | Art. 24 GDPR, Art. 32 GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 5,000 |
| Sector | Public Sector and Education |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/