Telecommunications company

€285,000

Insufficient technical and organisational measures to ensure information security

Datum der Entscheidung

21. Juli 2022

Behörde

Croatian Data Protection Authority (azop)

HR

Sektor

Media, Telecoms and Broadcasting

Land

HR

Recht

GDPR

Status

FINAL

Beschreibung

The Croatian DPA has fined a telecommunications company EUR 285,000. The company had suffered a data breach. Attackers had managed to access data from about 100,000 data subjects. During its investigation, the DPA found that such a breach was facilitated by the company's failure to implement adequate technical and organizational security measures for the processing of personal data. For example, the processing systems lacked access restrictions. In assessing the fine, it was taken into aggravating account that the company is one of the leading telecommunications companies in Croatia and therefore, due to the high volume of data processed there, the risk of an attack on the systems was to be expected. For this very reason, the company should have paid more attention to ensuring that sufficient safety measures were taken.

Juristische Zitate

Art. 25 (1)Art. 32 (1)Art. 32 (2)

Probleme und Verstöße

Insufficient technical and organisational measures to ensure information security
Offizielles Dokument anzeigen
Zurück zur Bußgelddatenbank
Vorherige Geldstrafe
Croatian Data Protection Authority (azop) - Car de...
Nächste Geldstrafe
Data Protection Authority of Hamburg (HmbBfDI) - C...

Bleiben Sie auf dem Laufenden über die Durchsetzung des Datenschutzes

Wir respektieren Ihre Privatsphäre. Eine E-Mail pro Monat, kein Spam, jederzeit abbestellbar.