Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ)
€2,995,140
Insufficient technical and organisational measures to ensure information security
Ημερομηνία απόφασης
28 Φεβρουαρίου 2024
Αρχή
Hellenic Data Protection Authority (HDPA)
GR
Τομέας
Transportation and Energy
Χώρα
GR
Νόμος
GDPRΚατάσταση
FINALΠεριγραφή
The Hellenic DPA has imposed a fine of EUR 2,995,140 on the Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ). The controller had suffered a data breach which resulted in personal data being accessed and later published on the Dark Web. During its investigation, the DPA found that the controller had failed to implement appropriate technical and organizational measures to prevent such an incident.
Νομικές παραπομπές
Art. 5 (1)Art. 32
Θέματα & Παραβάσεις
Insufficient technical and organisational measures to ensure information security