Poste Vita S.p.a.
€80,000
Insufficient technical and organisational measures to ensure information security
Data decyzji
10 lipca 2025
Władza
Italian Data Protection Authority (Garante)
IT
Sektor
Finance, Insurance and Consulting
Kraj
IT
Prawo
GDPRStatus
FINALOpis
The Italian DPA has imposed a fine on Poste Vita S.p.a. The controller failed to implement adequate technical and organisational measures to ensure data security. This resulted in a third party successfully tricking an employee into forwarding sensitive personal data, which was then used against the data subject.
Cytaty prawne
Art. 5 (1)Art. 33 (1)
Problemy i naruszenia
Insufficient technical and organisational measures to ensure information security