Open University of Cyprus – €45,000 Fine (Cyprus, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Open University of Cyprus was fined for not protecting student data after a breach. The university failed to implement proper security measures, leading to leaked personal information. This case serves as a reminder for educational institutions to prioritize data security.
What happened
The Open University of Cyprus did not have adequate security measures in place, resulting in a personal data breach affecting students and alumni.
Who was affected
Students, alumni, and partners of the Open University of Cyprus whose personal data was leaked.
What the authority found
The DPA Commissioner found that the university violated privacy rules by not ensuring proper security for personal data.
Why this matters
This fine highlights the need for educational institutions to strengthen their data protection practices. Other organizations should review their security measures to avoid similar penalties.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Cypriot DPA has imposed a fine of EUR 45,000 on Open University of Cyprus. The university had suffered a data breach involving hackers publishing personal data of students, alumni etc. on the dark web. During its investigation, the DPA found that the university had failed to implement appropriate technical and organizational measures to protect personal data.
Related Enforcement Actions (1)
Other enforcement actions involving Open University of Cyprus in CY
Details
Fine Date
22 November 2023
Authority
Commissioner for Personal Data Protection
Fine Amount
€45,000
Enforcement Tracker ID
ETid-2144
About this data
Cite as: Cookie Fines. Open University of Cyprus - Cyprus (2023). Retrieved from cookiefines.eu
Last updated: