Penalty after Cyberattack against Bank

Penalty after Cyberattack against Bank

More than 33,000 data records were captured by criminals in the course of a cyber attack. The data protection authority found that the bank concerned had not taken appropriate measures to prevent attacks. Therefore, the institute violated the GDPR and was sentenced to a fine of approximately €500,000.

Entscheidungsdatum:
28.08.2019

Land:
Bulgaria

Art des Verstoßes:
Theft of Data

Betroffene Datensätze:

Waren sensible Daten betroffen?:
No

verhängte Geldstrafe:
€ 510,000,-

Quelle:
Activity report of the Bulgarian data protection authority (Bulgarian)