ACTIVE ASSURANCES (car insurer)

€180,000

Insufficient technical and organisational measures to ensure information security

Otsuse kuupäev

25. juuli 2019

Ametiasutus

French Data Protection Authority (CNIL)

FR

Sektor

Finance, Insurance and Consulting

Riik

FR

Seadus

GDPR

Staatus

FINAL

Kirjeldus

Large amount of customer accounts, clients' documents (including copies of driver's licences, vehicle registration, bank statements and documents to determine whether a person had been the subject of a licence withdrawal) and data were easily accesible online. The CNIL, between others, critizised the password management (unauthorized access was possible without any authentication).

Õiguslikud viited

Art. 32

Probleemid ja rikkumised

Insufficient technical and organisational measures to ensure information security
Vaata ametlikku dokumenti
Tagasi trahvide andmebaasi juurde
Eelmine trahv
Hungarian National Authority for Data Protection a...
Järgmine trahv
Data Protection Authority of Hamburg (HmbBfDI) - C...

Privaatsuse jõustamise kohta ajakohastatud teave

Me austame teie privaatsust. Üks e-kiri kuus, ei ole rämpsposti, loobuda tellimusest igal ajal.