Enforcement
EN Virgin Mobile Polska: Insufficient technical and organisational measures to ensure information security
€443,000 fine - Polish National Personal Data Protection Office (UODO)
Content
The Polish DPA (UODO) fined Virgin Mobile Polska EUR 443,000 due to a data leak that allowed unauthorized third parties to access personal data stored by Virgin Mobile Polska as a result of inadequate security measures. The DPA notes that the company did not conduct regular and extensive tests on the effectiveness of the measures applied to ensure data security. Indeed, activities in this regard were conducted only in the event of a suspected security leak.
GDPR Articles: Art. 5 (1) f), (2) GDPR, Art. 25 (1) GDPR, Art. 32 (1) b), d), (2) GDPR
Industry: Media, Telecoms and Broadcasting