Softehnica S.R.L. – €5,000 Fine (Romania, 2025)

€5,000Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal23 January 2025Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Softehnica S.R.L. was fined for not protecting its systems against a ransomware attack that exposed personal data. The Romanian DPA found that the company did not have adequate security measures in place. This case serves as a warning for businesses to strengthen their data protection practices.

What happened

Softehnica S.R.L. was fined for failing to implement proper security measures, leading to a ransomware attack that compromised personal data.

Who was affected

Individuals whose personal data was accessed during the ransomware attack.

What the authority found

The Romanian DPA determined that Softehnica S.R.L. violated GDPR by not having appropriate technical and organizational measures to protect personal data.

Why this matters

This ruling emphasizes the necessity for companies to invest in cybersecurity. Businesses should regularly assess and upgrade their data protection strategies to prevent breaches.

GDPR Articles Cited

AI-verified

Art. 32(1)(b) GDPR
Art. 32(2) GDPR
View original scraped data
Art. 32(1) b) GDPR
Art. 32(2) GDPR

Original data from scraper before AI verification against source document.

Source verified 15 March 2026
articles corrected
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Softehnica S.R.L. actions
Full Legal Summary
Detailed

The Romanian DPA has imposed a fine of EUR 5,000 on Softehnica S.R.L. The controller had suffered a ransomware attack, which allowed unauthorized third parties to gain access to the IT systems and thereby access personal data such as the name, place of residence, email address, etc. of the data subjects. During its investigation, the DPA found that the controller had failed to implement appropriate technical and organizational measures to protect personal data.

Related Enforcement Actions (0)

No other enforcement actions found for Softehnica S.R.L. in RO

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

23 January 2025

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€5,000

Enforcement Tracker ID

ETid-2505

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Softehnica S.R.L. - Romania (2025). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: