Details:
| Summary | As a result of the lack of appropriate security measures on the Lands Authority website, over 10 gigabytes of personal data became easily accessible to the public via a simple google search. The majority of the leaked data contained highly-sensitive information and correspondence between individuals and the Authority itself. The Lands Authority chose not to appeal. In Malta, in the case of a breach by a public authority or body, the Data Protection Commissioner may impose an administrative fine of up to €25,000 for each violation and may additionally impose a daily fine of €25 for each day such violation persists. |
| Link: | link |
| Related articles: | Art. 5 GDPR, Art. 32 GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 5,000 |
| Sector | Public Sector and Education |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/