UniCredit S.p.A. – €2,800,000 Fine (Italy, 2024)
UniCredit S.p.A. faced a hefty fine due to a data breach linked to security flaws in its mobile banking portal. This case is crucial because it shows that companies must take strong security measures to protect customer data or face serious financial penalties.
What happened
UniCredit S.p.A. experienced a data breach caused by vulnerabilities in its mobile banking portal.
Who was affected
Customers of UniCredit S.p.A. whose personal data may have been compromised in the breach were affected.
What the authority found
The authority found that UniCredit S.p.A. violated GDPR by failing to implement adequate security measures to protect personal data.
Why this matters
This ruling stresses the importance of robust security practices for companies handling sensitive customer information. It serves as a warning that neglecting data security can lead to significant financial consequences.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The case involves a data breach due to vulnerabilities in a mobile banking portal, focusing on security measures rather than cookie or consent issues.
Violations (1)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (1)
Other enforcement actions involving UniCredit S.p.A. in IT
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
8 February 2024
Authority
Garante per la protezione dei dati personali
Fine Amount
€2,800,000
GDPRhub ID
gdprhub-7707About this data
Cite as: Cookie Fines. UniCredit S.p.A. - Italy (2024). Retrieved from cookiefines.eu
Last updated: