National Revenue Agency

€2,600,000

Insufficient technical and organisational measures to ensure information security

Decision Date

August 28, 2019

Authority

Data Protection Commision of Bulgaria (KZLD)

BG

Sector

Public Sector and Education

Country

BG

Law

GDPR

Status

FINAL

Description

Leakage of personal data in a hacking attack due to inadequate technical and organisational measures to ensure the protection of information security. It was found that personal data concerning about 6 million persons was illegally accessible.

Legal Citations

Art. 32

Issues & Violations

Insufficient technical and organisational measures to ensure information security
View Official Document
Back to Fines Database
Previous Fine
Data State Inspectorate (DSI) - Online Services...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.