Punishment against Bupa Insurance Services Ltd
In June 2017, the data from the Group’s CRM program was offered for sale in Darkweb. In total, 1.5 million records were affected. The UK DPA’s investigation found that the data was not properly secured internally (more than 1300 employees had access to these records) or externally (hackers attack).
Entscheidungsdatum:
26.09.2018
Land:
United Kingdom
Art des Verstoßes:
Theft of Data
Betroffene Datensätze:
1 500 000
Waren sensible Daten betroffen?:
No
verhängte Geldstrafe:
€ 200,000,-
Violation of GDPR Paragraph:
unknown
Quelle: