Skip to content
Enforcement
EN

ING Bank N.V.: Insufficient technical and organisational measures to ensure information security

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

€0 Fine
ING Bank N.V.
ROMANIA
Insufficient technical and organisational measures to ensure information security

Content

Original Fine Summary: ING Bank has not taken appropriate technical and organisational measures for an automated data processing system during the settlement process of card transactions affecting 225,525 customers, resulting in double transactions being executed between 8 and 10 October. Update: The Bucharest Court of Appeal overturned the fine of EUR 80,000.

GDPR Articles: Art. 32 GDPR
Industry: Finance, Insurance and Consulting