BAYARD REVISTAS, S.A.
€31,200
Insufficient technical and organisational measures to ensure information security
Ημερομηνία απόφασης
28 Σεπτεμβρίου 2022
Αρχή
Spanish Data Protection Authority (aepd)
ES
Τομέας
Media, Telecoms and Broadcasting
Χώρα
ES
Νόμος
GDPRΚατάσταση
FINALΠεριγραφή
The Spanish DPA has imposed a fine on Bayard Revistas S.A.. Unauthorized persons had accessed the Bayard database and thus unauthorizedly siphoned off location and contact data of users of the database. Approximately 470,000 users were affected by the incident. The DPA's investigation determined that a vulnerability in the controller's systems allowed the incident to occur. The original fine of EUR 52,000 was reduced to EUR 31,200 due to voluntary payment and admission of guilt.
Νομικές παραπομπές
Art. 5 (1)Art. 32Art. 33
Θέματα & Παραβάσεις
Insufficient technical and organisational measures to ensure information security