CAJA RURAL DE GIJÓN, S.C.A.C.
€76,000
Non-compliance with general data processing principles
Päätöspäivä
17. tammikuuta 2025
Viranomainen
Spanish Data Protection Authority (aepd)
ES
Ala
Finance, Insurance and Consulting
Maa
ES
Laki
GDPRTila
FINALKuvaus
The Spanish DPA has imposed a fine on CAJA RURAL DE GIJÓN, S.C.A.C.. The controller had suffered a cyber attack in which the attackers were able to access customer data due to a security vulnerability in its systems. The DPA found that the company had failed to implement the necessary security measures that could have prevented such an incident. The original fine of EUR 95,000 was reduced to EUR 76,000 due to voluntary payment.
Oikeudelliset viittaukset
Art. 5 (1)
Asiat ja rikkomukset
Non-compliance with general data processing principles