Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ)
€2,995,140
Insufficient technical and organisational measures to ensure information security
Дата прийняття рішення
28 лютого 2024 р.
Влада
Hellenic Data Protection Authority (HDPA)
GR
Сектор
Transportation and Energy
Країна
GR
Право
GDPRСтатус
FINALОпис
The Hellenic DPA has imposed a fine of EUR 2,995,140 on the Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ). The controller had suffered a data breach which resulted in personal data being accessed and later published on the Dark Web. During its investigation, the DPA found that the controller had failed to implement appropriate technical and organizational measures to prevent such an incident.
Юридичні посилання
Art. 5 (1)Art. 32
Проблеми та порушення
Insufficient technical and organisational measures to ensure information security