DSK Bank

€511,000

Insufficient technical and organisational measures to ensure information security

Decision Date

August 28, 2019

Authority

Data Protection Commision of Bulgaria (KZLD)

BG

Sector

Finance, Insurance and Consulting

Country

BG

Law

GDPR

Status

FINAL

Description

Leakage of personal data due to inadequate technical and organisational measures to ensure the protection of information security. Third parties had access to over 23000 credit records relating to over 33000 bank customers including personal data such as names, citizenships, identification numbers, adresses, copies of identity cards and biometric data.

Legal Citations

Art. 32

Issues & Violations

Insufficient technical and organisational measures to ensure information security
View Official Document
Back to Fines Database
Previous Fine
Data Protection Commision of Bulgaria (KZLD) - Nat...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.