easyGDPR

We make implementing General Data Protection Regulation Easy

by

Penalty against Equifax Ltd

In 2017, records of a total of 146 million customers were stolen, including 15 million UK customers. Equifax Ltd is a credit reference agency and provides information about the creditworthiness of a debtor (similar to a Schufa report).
According to the British data protection authority, the data records were stored for too long and were poorly secured.
As the case occurred before the GDPR came into force, the penalty range of the Data Protection Act (DPA) was applied and the maximum penalty of £500,000 was imposed.

Entscheidungsdatum:
19.09.2018

Land:
Great Britain

Art des Verstoßes:
technical deficiency

Betroffene Datensätze:
15 000 000

Waren sensible Daten betroffen?:
No

verhängte Geldstrafe:
€ 575,000,-

Violation of GDPR Paragraph:
unknown

Quelle:
Communication from the UK data protection authority ICO (English)

Category iconUncategorized