SIRIUS (law firm)

€67,200

Insufficient technical and organisational measures to ensure information security

Data decyzji

14 lipca 2022

Władza

Danish Data Protection Authority (Datatilsynet)

DK

Sektor

Finance, Insurance and Consulting

Kraj

DK

Prawo

GDPR

Status

FINAL

Opis

The Danish DPA has imposed a fine of EUR 67,200 on the law firm SIRIUS. The law firm had suffered a cyber attack in which hackers gained access to the firm's servers and encrypted them. This gave them access to information about the firm's clients and business partners. During its investigation, the DPA found that the law firm lacked basic security measures, which increased the risk of unauthorized access to client data. The firm's systems, for example, did not contain sufficient verification measures, such as multi-factor logins.

Cytaty prawne

Art. 32

Problemy i naruszenia

Insufficient technical and organisational measures to ensure information security
Zobacz oficjalny dokument
Powrót do bazy danych grzywien
Previous Fine
Information Commissioner of Isle of Man - Manx Car...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Bądź na bieżąco z egzekwowaniem przepisów dotyczących prywatności

Szanujemy Twoją prywatność. Jeden e-mail miesięcznie, bez spamu, zrezygnuj z subskrypcji w dowolnym momencie.