Telekom Romania Mobile Communications S.A.

€10,000

Insufficient technical and organisational measures to ensure information security

Decision Date

March 30, 2021

Authority

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

RO

Sector

Media, Telecoms and Broadcasting

Country

RO

Law

GDPR

Status

FINAL

Description

The Romania DPA (ANSPDCP) has fined Telekom Romania Mobile Communications S.A. EUR 10,000 for failing to implement adequate security measures to ensure the security of personal data processing. In particular, the ANSPDCP's investigation revealed that the controllers' failure to implement adequate security measures resulted in the unauthorized disclosure of the data of 99,210 data subjects, including their customer number, gender and telephone number, as well as unauthorized access to the personal data stored in the accounts of 413 customers. On this basis, the ANSPDCP ruled that the controller violated Art. 32 (1) and (2) GDPR.

Legal Citations

Art. 32 (1)

Issues & Violations

Insufficient technical and organisational measures to ensure information security
View Official Document
Back to Fines Database
Previous Fine
Italian Data Protection Authority (Garante) - Conv...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.