ACTIVE ASSURANCES (car insurer)

€180,000

Insufficient technical and organisational measures to ensure information security

Datum för beslut

25 juli 2019

Myndighet

French Data Protection Authority (CNIL)

FR

Sektor

Finance, Insurance and Consulting

Land

FR

Lag

GDPR

Status

FINAL

Beskrivning

Large amount of customer accounts, clients' documents (including copies of driver's licences, vehicle registration, bank statements and documents to determine whether a person had been the subject of a licence withdrawal) and data were easily accesible online. The CNIL, between others, critizised the password management (unauthorized access was possible without any authentication).

Rättsliga hänvisningar

Art. 32

Frågor och överträdelser

Insufficient technical and organisational measures to ensure information security
Visa officiellt dokument
Tillbaka till databasen för böter
Föregående Fine
Hungarian National Authority for Data Protection a...
Nästa Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Håll dig uppdaterad om efterlevnaden av sekretessreglerna

Vi respekterar din integritet. Ett e-postmeddelande per månad, ingen skräppost, avsluta prenumerationen när som helst.