Individual entrepreneur - no further details published

€980

Insufficient technical and organisational measures to ensure information security

Tanggal Keputusan

Tidak tersedia

Wewenang

Czech Data Protection Auhtority (UOOU)

CZ

Sektor

Individuals and Private Associations

Negara

CZ

Hukum

GDPR

Status

FINAL

Deskripsi

The operator of an online game was exposed to several DDoS attacks which caused the malfunctioning of the servers. The attacker blackmailed the operator stating that the attacks will not stop unless he pays money. As part of the blackmail, the attacker offered the operator that he will create an upgraded and better firewall protection to the servers of the operator. The operator agreed and paid the attacker. The operator implemented the new code from the attacker which proved better than the old one but there was a 'backdoor' in the code. The attacker used the backdoor to steal all the data from the server about the players and uploaded these details to his website. The Office for Personal Data Protection concluded that the operator did not take apropriate security measures.

Kutipan Hukum

Art. 32

Masalah & Pelanggaran

Insufficient technical and organisational measures to ensure information security
Lihat Dokumen Resmi
Kembali ke Basis Data Denda

Tetap Terupdate tentang Penegakan Privasi

Kami menghormati privasi Anda. Satu email per bulan, tidak ada spam, berhenti berlangganan kapan saja.