Penalty after Cyberattack against Bank
More than 33,000 data records were captured by criminals in the course of a cyber attack. The data protection authority found that the bank concerned had not taken appropriate measures to prevent attacks. Therefore, the institute violated the GDPR and was sentenced to a fine of approximately €500,000.
Entscheidungsdatum:
28.08.2019
Land:
Bulgaria
Art des Verstoßes:
Theft of Data
Betroffene Datensätze:
Waren sensible Daten betroffen?:
No
verhängte Geldstrafe:
€ 510,000,-
Violation of GDPR Paragraph:
32. Security of processing
Quelle:
Activity report of the Bulgarian data protection authority (Bulgarian)