Irish Credit Bureau DAC – €90,000 Fine (Ireland, 2021)

€90,000Data Protection Commission23 March 2021Ireland
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Irish Data Protection Commission fined the Irish Credit Bureau EUR 90,000 for a data breach. A technical error led to incorrect updates of 15,120 closed accounts, and 1,062 inaccurate records were shared with financial institutions or individuals. This case highlights the importance of ensuring data accuracy and security, especially for businesses handling sensitive financial information.

What happened

The Irish Credit Bureau shared inaccurate account records due to a technical error in their database.

Who was affected

Individuals with closed accounts in the Irish Credit Bureau's database had their records inaccurately updated and shared.

What the authority found

The Data Protection Commission found that the Irish Credit Bureau violated GDPR by not maintaining accurate and secure data processing practices.

Why this matters

This fine underscores the need for companies to regularly audit and secure their data systems to prevent breaches. It serves as a reminder to businesses that even technical errors can lead to significant regulatory penalties.

GDPR Articles Cited

Art. 5(2) GDPR
Art. 24(1) GDPR
Art. 25(1) GDPR
Ireland enforcementData Protection Commission actionsAll Irish Credit Bureau DAC actions
Full Legal Summary
Detailed

The Irish DPA (DPC) has imposed a fine of EUR 90,000 on Irish Credit Bureau (ICB). The fine follows a data breach reported by the controller to the DPA on August 31, 2018. The controller is a credit reporting agency that maintains a database of credit contract performance between financial institutions and borrowers. The data breach occurred when the controller made a code change to its database that contained a technical error. As a result, between June 28, 2018 and August 30, 2018, the ICB database inaccurately updated the records of 15,120 closed accounts. The controller disclosed 1,062 inaccurate account records to financial institutions or affected individuals before the issue was resolved.

Related Enforcement Actions (0)

No other enforcement actions found for Irish Credit Bureau DAC in IE

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

23 March 2021

Authority

Data Protection Commission

Fine Amount

€90,000

Enforcement Tracker ID

ETid-689

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Irish Credit Bureau DAC - Ireland (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: