Skip to content
Enforcement
EN

Virgin Mobile Polska: Insufficient technical and organisational measures to ensure information security

€443,000 fine - Polish National Personal Data Protection Office (UODO)

€443,000 Fine
Virgin Mobile Polska
POLAND
Insufficient technical and organisational measures to ensure information security

Content

The Polish DPA (UODO) fined Virgin Mobile Polska EUR 443,000 due to a data leak that allowed unauthorized third parties to access personal data stored by Virgin Mobile Polska as a result of inadequate security measures. The DPA notes that the company did not conduct regular and extensive tests on the effectiveness of the measures applied to ensure data security. Indeed, activities in this regard were conducted only in the event of a suspected security leak.

GDPR Articles: Art. 5 (1) f), (2) GDPR, Art. 25 (1) GDPR, Art. 32 (1) b), d), (2) GDPR
Industry: Media, Telecoms and Broadcasting