Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ) – €2,995,140 Fine (Greece, 2024)

€2,995,140Hellenic Data Protection Authority28 February 2024Greece
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Hellenic Post was fined nearly 3 million euros for a data breach that exposed personal information on the Dark Web. The Hellenic Data Protection Authority found that the company did not take adequate steps to protect user data. This case shows how serious data breaches can lead to hefty fines and damage to a company's reputation.

What happened

Hellenic Post was fined for a data breach that allowed personal data to be accessed and published online.

Who was affected

Customers of Hellenic Post whose personal data was compromised were affected.

What the authority found

The Hellenic Data Protection Authority determined that Hellenic Post failed to implement necessary security measures to prevent the breach.

Why this matters

This case serves as a warning to all businesses about the importance of data security. Companies must invest in proper safeguards to protect customer information and avoid significant penalties.

GDPR Articles Cited

AI-verified

Art. 32(GDPR)
Art. 5(1)(f) GDPR
View original scraped data
Art. 5(1)(f) GDPR
Art. 32 GDPR

Original data from scraper before AI verification against source document.

Source verified 5 March 2026
verified correct
Greece enforcementHellenic Data Protection Authority actionsAll Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ) actions
Full Legal Summary
Detailed

The Hellenic DPA has imposed a fine of EUR 2,995,140 on the Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ). The controller had suffered a data breach which resulted in personal data being accessed and later published on the Dark Web. During its investigation, the DPA found that the controller had failed to implement appropriate technical and organizational measures to prevent such an incident.

Related Enforcement Actions (0)

No other enforcement actions found for Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ) in GR

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

28 February 2024

Authority

Hellenic Data Protection Authority

Fine Amount

€2,995,140

Enforcement Tracker ID

ETid-2284

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ) - Greece (2024). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: