UniCredit S.p.A. – €2,800,000 Fine (Italy, 2024)
UniCredit S.p.A. was fined €2.8 million for security issues in its mobile banking portal. These vulnerabilities could expose customer data to risks. This case highlights the need for banks to maintain strong security measures to protect sensitive information.
What happened
UniCredit S.p.A. had serious security vulnerabilities in its mobile banking portal that could lead to data breaches.
Who was affected
Customers using UniCredit's mobile banking services who could be affected by potential data breaches.
What the authority found
The Italian DPA found that UniCredit S.p.A. violated GDPR by not ensuring adequate security measures to protect customer data.
Why this matters
This ruling emphasizes that financial institutions must prioritize data security to safeguard customer information. Other banks should review their security protocols to prevent similar issues.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The case concerns a data breach due to vulnerabilities in a mobile banking portal, unrelated to cookies or consent.
Violations (1)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (1)
Other enforcement actions involving UniCredit S.p.A. in IT
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
8 February 2024
Authority
Garante per la protezione dei dati personali
Fine Amount
€2,800,000
GDPRhub ID
gdprhub-7707About this data
Cite as: Cookie Fines. UniCredit S.p.A. - Italy (2024). Retrieved from cookiefines.eu
Last updated: