Individual entrepreneur - no further details published

€980

Insufficient technical and organisational measures to ensure information security

Lēmuma datums

Nav pieejams

Iestāde

Czech Data Protection Auhtority (UOOU)

CZ

Nozare

Individuals and Private Associations

Valsts

CZ

Likums

GDPR

Statuss

FINAL

Apraksts

The operator of an online game was exposed to several DDoS attacks which caused the malfunctioning of the servers. The attacker blackmailed the operator stating that the attacks will not stop unless he pays money. As part of the blackmail, the attacker offered the operator that he will create an upgraded and better firewall protection to the servers of the operator. The operator agreed and paid the attacker. The operator implemented the new code from the attacker which proved better than the old one but there was a 'backdoor' in the code. The attacker used the backdoor to steal all the data from the server about the players and uploaded these details to his website. The Office for Personal Data Protection concluded that the operator did not take apropriate security measures.

Juridiskās atsauces

Art. 32

Jautājumi un pārkāpumi

Insufficient technical and organisational measures to ensure information security
Skatīt oficiālo dokumentu
Atgriezties pie Naudas sodu datubāzes

Atjauniniet informāciju par konfidencialitātes ieviešanu

Mēs respektējam jūsu konfidencialitāti. Viens e-pasts mēnesī, bez surogātpasta, jebkurā laikā varat atteikties no abonēšanas.