Intesa Sanpaolo S.p.A. – €31,800,000 Fine (Italy, 2026)
Intesa Sanpaolo S.p.A. was fined €31.8 million for a data breach caused by an employee's unauthorized access. This case is crucial as it underscores the need for strict internal controls to protect sensitive customer information.
What happened
Intesa Sanpaolo S.p.A. experienced a data breach due to unauthorized access by an employee.
Who was affected
Customers whose personal data was exposed during the data breach at Intesa Sanpaolo S.p.A.
What the authority found
The Italian authority determined that Intesa Sanpaolo failed to implement adequate security measures to protect personal data, violating GDPR requirements.
Why this matters
This ruling serves as a strong reminder for financial institutions and other companies to enforce robust internal security protocols to safeguard customer data.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The case involved a data breach due to unauthorized access by an employee, unrelated to cookies or consent mechanisms.
Related Enforcement Actions (1)
Other enforcement actions involving Intesa Sanpaolo S.p.A. in IT
Details
Fine Date
26 March 2026
Authority
Garante per la protezione dei dati personali
Fine Amount
€31,800,000
GDPRhub ID
gdprhub-9916About this data
Cite as: Cookie Fines. Intesa Sanpaolo S.p.A. - Italy (2026). Retrieved from cookiefines.eu
Last updated: