OTE Group

€3,200,000

Insufficient technical and organisational measures to ensure information security

Fecha de la decisión

27 de enero de 2022

Autoridad

Hellenic Data Protection Authority (HDPA)

GR

Sector

Media, Telecoms and Broadcasting

País

GR

Ley

GDPR

Estado

FINAL

Descripción

The Hellenic DPA has imposed a fine of EUR 3.2 million on Cosmote subsidiary OTE Group. Among other things, OTE Group had contributed to Cosmote's security infrastructure. Cosmote had reported a data breach to the DPA under Article 33 of the GDPR. A hacker had been able to penetrate Cosmote's systems due to a lack of security measures and obtained and subsequently leaked data from customers. The stolen data included sensitive information, from Cosmote subscribers such as age, gender and contract information. Nearly 10 million people were affected by the incident. For this reason, the DPA found that OTE Group had failed to implement adequate technical and organizational measures to ensure a level of security commensurate with the risk to data subjects.

Citas legales

Art. 32

Problemas e infracciones

Insufficient technical and organisational measures to ensure information security
Ver documento oficial
Volver a la base de datos de multas
Multa anterior
Hellenic Data Protection Authority (HDPA) - Cosmot...
Siguiente multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Manténgase al día sobre la aplicación de las normas de protección de la intimidad

Respetamos su intimidad. Un correo electrónico al mes, sin spam, darse de baja en cualquier momento.