IBERDROLA, S.A.

€3,000,000

Non-compliance with general data processing principles

Data della decisione

7 febbraio 2024

Autorità

Spanish Data Protection Authority (aepd)

ES

Settore

Transportation and Energy

Paese

ES

Legge

GDPR

Stato

FINAL

Descrizione

The Spanish DPA has fined IBERDROLA, S.A. EUR 3 million following a cyberattack on I-DE Redes, which led to the compromise of customer data from millions of individuals. Although the cyberattack targeted the GEA web application of I-DE Redes, Iberdrola, as the entity responsible for managing the group's IT systems and security infrastructure, was found to have failed in implementing sufficient security measures to prevent the incident.

Citazioni legali

Art. 5 (1)Art. 32

Problemi e violazioni

Non-compliance with general data processing principles
Visualizza il documento ufficiale
Torna al database delle multe
Precedente Multa
Italian Data Protection Authority (Garante) - Wi-P...
Prossima ammenda
Data Protection Authority of Hamburg (HmbBfDI) - C...

Rimanete aggiornati sull'applicazione della privacy

Rispettiamo la vostra privacy. Un'email al mese, niente spam, cancellazione in qualsiasi momento.