KARAMBELAS KONSTANTINOS & CO. E.E.: Insufficient technical and organisational measures to ensure information security

The Greek DPA has imposed a fine of EUR 40,000 on KARAMBELAS KONSTANTINOS & CO. E.E. The processor, which was processing data for a telecommunications provider (ETid: 2878), failed to implement sufficient technical and organisational measures to ensure data security. This resulted in multiple SIM cards being registered in a third person's name.

GDPR Articles: Art. 29 GDPR, Art. 32 GDPR
Industry: Media, Telecoms and Broadcasting