Penalty against Equifax Ltd
In 2017, records were stolen by a total of 146 million customers, including 15 million British customers. Equifax Ltd is a credit reference agency and provides information on the creditworthiness of a debtor (similar to a Schufa information). The data sets were stored too long according to British data protection authority and were insufficiently secured. Since the case occurred prior to the entry into force of the GDPR, the Data Protection Act (DPA) penalty was applied and the maximum penalty of £ 500,000 was imposed.
Entscheidungsdatum:
19.09.2018
Land:
United Kingdom
Art des Verstoßes:
technical deficiency
Betroffene Datensätze:
15 000 000
Waren sensible Daten betroffen?:
No
verhängte Geldstrafe:
€ 575,000,-
Violation of GDPR Paragraph:
unknown
Quelle: