Bank of Ireland 365 – €750,000 Fine (Ireland, 2023)

€750,000Data Protection Commission27 February 2023Ireland
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Irish Data Protection Commission fined Bank of Ireland 365 EUR 750,000 for not securing its app properly. Unauthorized people accessed the app and other users' accounts because the bank didn't have the right security measures in place. This case highlights the importance of strong security for protecting customer data.

What happened

Bank of Ireland 365 failed to secure its app, allowing unauthorized access to users' accounts.

Who was affected

Customers of Bank of Ireland 365 whose accounts were accessed without permission.

What the authority found

The Irish DPA found that the bank did not implement adequate security measures, violating GDPR's requirements for data protection.

Why this matters

This case underscores the necessity for businesses to invest in robust security measures to protect customer data, as failing to do so can lead to significant fines and breaches.

GDPR Articles Cited

AI-verified

Art. 5(1)(f) GDPR
Art. 32(1) GDPR
View original scraped data
Art. 5(1)(f) GDPR
Art. 32(1) GDPR

Original data from scraper before AI verification against source document.

Source verified 5 March 2026
verified correct
Ireland enforcementData Protection Commission actionsAll Bank of Ireland 365 actions
Full Legal Summary
Detailed

The Irish DPA has fined Bank of Ireland 365 EUR 750,000. The bank had notified the DPA of 10 data breaches linked to the bank's app. Unauthorized persons had managed to gain access to the app as well as to other individuals' accounts. The DPA determined that this data breach was facilitated due to the bank's failure to implement appropriate technical and organizational measures to protect personal data.

Related Enforcement Actions (0)

No other enforcement actions found for Bank of Ireland 365 in IE

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

27 February 2023

Authority

Data Protection Commission

Fine Amount

€750,000

Enforcement Tracker ID

ETid-1696

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Bank of Ireland 365 - Ireland (2023). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: