NTT Data Italia S.P.A

€800,000

Insufficient fulfilment of data breach notification obligations

Otsuse kuupäev

8. veebruar 2024

Ametiasutus

Italian Data Protection Authority (Garante)

IT

Sektor

Industry and Commerce

Riik

IT

Seadus

GDPR

Staatus

FINAL

Kirjeldus

The Italian DPA has imposed a fine of EUR 800,000 on NTT Data Italia S.P.A. The fine is related to the fine imposed on UniCredit (ETid-2227). UniCredit had contracted NTT to carry out vulnerability analyses and penetration tests. During its investigation, the DPA found that NTT had not notified UniCredit of a data breach in a timely manner. In addition, NTT had contracted another company to carry out vulnerability assessments and penetration tests without prior authorization from the bank as the data controller.

Õiguslikud viited

Art. 28 (2)Art. 33 (2)

Probleemid ja rikkumised

Insufficient fulfilment of data breach notification obligations
Vaata ametlikku dokumenti
Tagasi trahvide andmebaasi juurde
Eelmine trahv
Italian Data Protection Authority (Garante) - UniC...
Järgmine trahv
Data Protection Authority of Hamburg (HmbBfDI) - C...

Privaatsuse jõustamise kohta ajakohastatud teave

Me austame teie privaatsust. Üks e-kiri kuus, ei ole rämpsposti, loobuda tellimusest igal ajal.