Finopro IFN SA – €2,250 Fine (Romania, 2023)

€2,250Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal6 March 2023Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Finopro IFN SA in Romania was fined €2,250 after a ransomware attack exposed customer data like credit card details and phone numbers. The company failed to put strong security measures in place. This incident shows the importance of having robust data protection to prevent cyberattacks.

What happened

Finopro IFN SA suffered a ransomware attack that exposed personal data due to inadequate security measures.

Who was affected

Customers whose personal data, including financial information, was accessed during the ransomware attack.

What the authority found

The Romanian DPA found that Finopro IFN SA did not have sufficient security measures to protect personal data, violating GDPR requirements.

Why this matters

This case highlights the critical need for companies to implement strong cybersecurity measures to protect customer data. It serves as a warning to businesses about the financial and reputational risks of inadequate data protection.

GDPR Articles Cited

Art. 32(1)(b) GDPR
Art. 32(2) GDPR
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Finopro IFN SA actions
Full Legal Summary
Detailed

The Romanian DPA has imposed a fine of EUR 2,250 on Finopro IFN SA. The controller had suffered a ransomware attack in which unauthorized third parties gained access to personal data such as address, credit card details, bank account information, telephone numbers etc. of data subjects. During its investigation the DPA found that the controller had failed to implement adequate technical and organizational measures to protect personal data.

Related Enforcement Actions (0)

No other enforcement actions found for Finopro IFN SA in RO

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

6 March 2023

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€2,250

Enforcement Tracker ID

ETid-1680

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Finopro IFN SA - Romania (2023). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: