IBERDROLA, S.A.

€3,000,000

Non-compliance with general data processing principles

Beslissingsdatum

7 februari 2024

Autoriteit

Spanish Data Protection Authority (aepd)

ES

Sector

Transportation and Energy

Land

ES

Wet

GDPR

Status

FINAL

Beschrijving

The Spanish DPA has fined IBERDROLA, S.A. EUR 3 million following a cyberattack on I-DE Redes, which led to the compromise of customer data from millions of individuals. Although the cyberattack targeted the GEA web application of I-DE Redes, Iberdrola, as the entity responsible for managing the group's IT systems and security infrastructure, was found to have failed in implementing sufficient security measures to prevent the incident.

Juridische citaten

Art. 5 (1)Art. 32

Problemen en overtredingen

Non-compliance with general data processing principles
Officieel document bekijken
Terug naar de database met boetes
Vorige boete
Italian Data Protection Authority (Garante) - Wi-P...
Volgende boete
Data Protection Authority of Hamburg (HmbBfDI) - C...

Blijf op de hoogte van privacybescherming

We respecteren je privacy. Eén e-mail per maand, geen spam, afmelden kan altijd.