ACTIVE ASSURANCES (car insurer)

€180,000

Insufficient technical and organisational measures to ensure information security

Datum odločitve

25. julij 2019

Organ

French Data Protection Authority (CNIL)

FR

Sektor

Finance, Insurance and Consulting

Država

FR

Zakon

GDPR

Status

FINAL

Opis

Large amount of customer accounts, clients' documents (including copies of driver's licences, vehicle registration, bank statements and documents to determine whether a person had been the subject of a licence withdrawal) and data were easily accesible online. The CNIL, between others, critizised the password management (unauthorized access was possible without any authentication).

Pravne navedbe

Art. 32

Vprašanja in kršitve

Insufficient technical and organisational measures to ensure information security
Oglejte si uradni dokument
Nazaj v zbirko podatkov o globah
Prejšnja globa
Hungarian National Authority for Data Protection a...
Naslednja Drobna
Data Protection Authority of Hamburg (HmbBfDI) - C...

Spremljajte novice o uveljavljanju zasebnosti

Spoštujemo vašo zasebnost. Eno e-poštno sporočilo na mesec, brez neželene pošte, odjava kadar koli.