I-DE REDES ELÉCTRICAS INTELIGENTES, S.A.U.
€3,500,000
Non-compliance with general data processing principles
Sprendimo priėmimo data
2024 m. vasario 5 d.
Institucija
Spanish Data Protection Authority (aepd)
ES
Sektorius
Transportation and Energy
Šalis
ES
Teisė
GDPRStatusas
FINALAprašymas
The Spanish DPA has imposed a fine of EUR 3.5 million on I-DE REDES ELÉCTRICAS INTELIGENTES, S.A.U. The controller had suffered a cyber attack on its GEA web application resulting in the compromise of personal data of millions of customers. During its investigation, the DPA found that Iberdrola had not taken sufficient security measures to prevent the attack.
Teisinės citatos
Art. 5 (1)Art. 32
Problemos ir pažeidimai
Non-compliance with general data processing principles