CAJA RURAL CENTRAL, S.C.C.
€72,000
Non-compliance with general data processing principles
결정 날짜
2025년 1월 16일
권한
Spanish Data Protection Authority (aepd)
ES
섹터
Finance, Insurance and Consulting
국가
ES
법률
GDPR상태
FINAL설명
The Spanish DPA has imposed a fine on CAJA RURAL CENTRAL, S.C.C.. The controller had suffered a cyber attack in which the attackers were able to access customer data due to a security vulnerability in its systems. The DPA found that the company had failed to implement the necessary security measures that could have prevented such an incident. The original fine of EUR 90,000 was reduced to EUR 72,000 due to voluntary payment.
법적 인용
Art. 5 (1)
문제 및 위반 사항
Non-compliance with general data processing principles