Chat with us, powered by LiveChat

easyGDPR

We make implementing General Data Protection Regulation Easy

by

Penalty against Equifax Ltd

In 2017, records were stolen by a total of 146 million customers, including 15 million British customers. Equifax Ltd is a credit reference agency and provides information on the creditworthiness of a debtor (similar to a Schufa information). The data sets were stored too long according to British data protection authority and were insufficiently secured. Since the case occurred prior to the entry into force of the GDPR, the Data Protection Act (DPA) penalty was applied and the maximum penalty of £ 500,000 was imposed.

Decision data:
19.09.2018

Country:
United Kingdom

Type of Issue:
technical deficiency

Number of involved data records:
15 000 000

Special category of data involved:
No

Fine:
€ 575,000,-

Violation of GDPR Paragraph:
unknown

Reference:

Category iconUncategorized