Poste Vita S.p.a.
€80,000
Insufficient technical and organisational measures to ensure information security
Sprendimo priėmimo data
2025 m. liepos 10 d.
Institucija
Italian Data Protection Authority (Garante)
IT
Sektorius
Finance, Insurance and Consulting
Šalis
IT
Teisė
GDPRStatusas
FINALAprašymas
The Italian DPA has imposed a fine on Poste Vita S.p.a. The controller failed to implement adequate technical and organisational measures to ensure data security. This resulted in a third party successfully tricking an employee into forwarding sensitive personal data, which was then used against the data subject.
Teisinės citatos
Art. 5 (1)Art. 33 (1)
Problemos ir pažeidimai
Insufficient technical and organisational measures to ensure information security