IBERDROLA, S.A. – €3,000,000 Fine (Spain, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Spanish DPA has fined IBERDROLA, S.A. EUR 3 million following a cyberattack on I-DE Redes, which led to the compromise of customer data from millions of individuals. Although the cyberattack targeted the GEA web application of I-DE Redes, Iberdrola, as the entity responsible for managing the group's IT systems and security infrastructure, was found to have failed in implementing sufficient security measures to prevent the incident.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Spanish DPA has fined IBERDROLA, S.A. EUR 3 million following a cyberattack on I-DE Redes, which led to the compromise of customer data from millions of individuals. Although the cyberattack targeted the GEA web application of I-DE Redes, Iberdrola, as the entity responsible for managing the group's IT systems and security infrastructure, was found to have failed in implementing sufficient security measures to prevent the incident.
Related Enforcement Actions (0)
No other enforcement actions found for IBERDROLA, S.A. in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
7 February 2024
Authority
Agencia Española de Protección de Datos
Fine Amount
€3,000,000
Enforcement Tracker ID
ETid-2557
About this data
Cite as: Cookie Fines. IBERDROLA, S.A. - Spain (2024). Retrieved from cookiefines.eu
Last updated: