Poste Vita S.p.a.
€80,000
Insufficient technical and organisational measures to ensure information security
Data deciziei
10 iulie 2025
Autoritatea
Italian Data Protection Authority (Garante)
IT
Sector
Finance, Insurance and Consulting
Țara
IT
Legea
GDPRStatut
FINALDescriere
The Italian DPA has imposed a fine on Poste Vita S.p.a. The controller failed to implement adequate technical and organisational measures to ensure data security. This resulted in a third party successfully tricking an employee into forwarding sensitive personal data, which was then used against the data subject.
Citări juridice
Art. 5 (1)Art. 33 (1)
Probleme și încălcări
Insufficient technical and organisational measures to ensure information security