IBERDROLA, S.A.

€3,000,000

Non-compliance with general data processing principles

Lēmuma datums

2024. gada 7. februāris

Iestāde

Spanish Data Protection Authority (aepd)

ES

Nozare

Transportation and Energy

Valsts

ES

Likums

GDPR

Statuss

FINAL

Apraksts

The Spanish DPA has fined IBERDROLA, S.A. EUR 3 million following a cyberattack on I-DE Redes, which led to the compromise of customer data from millions of individuals. Although the cyberattack targeted the GEA web application of I-DE Redes, Iberdrola, as the entity responsible for managing the group's IT systems and security infrastructure, was found to have failed in implementing sufficient security measures to prevent the incident.

Juridiskās atsauces

Art. 5 (1)Art. 32

Jautājumi un pārkāpumi

Non-compliance with general data processing principles
Skatīt oficiālo dokumentu
Atgriezties pie Naudas sodu datubāzes
Iepriekšējais naudas sods
Italian Data Protection Authority (Garante) - Wi-P...
Nākamais naudas sods
Data Protection Authority of Hamburg (HmbBfDI) - C...

Atjauniniet informāciju par konfidencialitātes ieviešanu

Mēs respektējam jūsu konfidencialitāti. Viens e-pasts mēnesī, bez surogātpasta, jebkurā laikā varat atteikties no abonēšanas.