IBERDROLA, S.A.

€3,000,000

Non-compliance with general data processing principles

Dato for beslutning

7. februar 2024

Myndighet

Spanish Data Protection Authority (aepd)

ES

Sektor

Transportation and Energy

Land

ES

Lov og rett

GDPR

Status

FINAL

Beskrivelse

The Spanish DPA has fined IBERDROLA, S.A. EUR 3 million following a cyberattack on I-DE Redes, which led to the compromise of customer data from millions of individuals. Although the cyberattack targeted the GEA web application of I-DE Redes, Iberdrola, as the entity responsible for managing the group's IT systems and security infrastructure, was found to have failed in implementing sufficient security measures to prevent the incident.

Juridiske henvisninger

Art. 5 (1)Art. 32

Problemer og overtredelser

Non-compliance with general data processing principles
Se offisielt dokument
Tilbake til bøtedatabasen
Tidligere Fine
Italian Data Protection Authority (Garante) - Wi-P...
Neste bot
Data Protection Authority of Hamburg (HmbBfDI) - C...

Hold deg oppdatert om håndheving av personvern

Vi respekterer personvernet ditt. Én e-post per måned, ingen spam, avmelding når som helst.