Details:
| Summary | Leakage of personal data due to inadequate technical and organisational measures to ensure the protection of information security. Third parties had access to over 23000 credit records relating to over 33000 bank customers including personal data such as names, citizenships, identification numbers, adresses, copies of identity cards and biometric data. |
| Link: | link |
| Related articles: | Art. 32 GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 511,000 |
| Sector | Finance, Insurance and Consulting |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/