Penalty against Equifax Ltd
In 2017, records of a total of 146 million customers were stolen, including 15 million UK customers. Equifax Ltd is a credit reference agency and provides information about the creditworthiness of a debtor (similar to a Schufa report).
According to the British data protection authority, the data records were stored for too long and were poorly secured.
As the case occurred before the GDPR came into force, the penalty range of the Data Protection Act (DPA) was applied and the maximum penalty of £500,000 was imposed.
Art des Verstoßes:
15 000 000
Waren sensible Daten betroffen?:
Violation of GDPR Paragraph: