ACTIVE ASSURANCES (car insurer)

€180,000

Insufficient technical and organisational measures to ensure information security

Dato for beslutning

25. juli 2019

Myndighed

French Data Protection Authority (CNIL)

FR

Sektor

Finance, Insurance and Consulting

Land

FR

Lovgivning

GDPR

Status

FINAL

Beskrivelse

Large amount of customer accounts, clients' documents (including copies of driver's licences, vehicle registration, bank statements and documents to determine whether a person had been the subject of a licence withdrawal) and data were easily accesible online. The CNIL, between others, critizised the password management (unauthorized access was possible without any authentication).

Juridiske citater

Art. 32

Problemer og overtrædelser

Insufficient technical and organisational measures to ensure information security
Se officielt dokument
Tilbage til bøde-databasen
Forrige bøde
Hungarian National Authority for Data Protection a...
Næste bøde
Data Protection Authority of Hamburg (HmbBfDI) - C...

Hold dig opdateret om håndhævelse af privatlivets fred

Vi respekterer dit privatliv. En e-mail om måneden, ingen spam, afmeld når som helst.