GDPR Penalty against Tax Office
Following a successful cyber attack, the Bulgarian data protection authority has found that the Bulgarian Ministry of Finance has not taken any technical and organisational measures to prevent data breaches. As a result of the attack, the data of more than 5 million citizens was stolen, affecting almost every adult citizen of the country’s 7 million inhabitants.
This is already the second fine imposed on the tax office Violation of GDPR Paragraph:
32. Security of processing
Violation of GDPR Paragraph: