Payment service provider UAB MisterTango – €61,500 Fine (Lithuania, 2019)

€61,500Valstybine duomenu apsaugos inspekcija16 May 2019Lithuania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Lithuanian payment service provider UAB MisterTango was fined for exposing payment data online due to poor security measures. They also failed to report the data breach as required by GDPR. This case underscores the importance of strong data protection practices and timely breach notifications.

What happened

UAB MisterTango exposed payment data online and failed to report the data breach.

Who was affected

Customers whose payment data was publicly accessible due to inadequate security measures by UAB MisterTango.

What the authority found

The data protection authority fined UAB MisterTango for processing excessive data and failing to implement adequate security measures, as well as not reporting the data breach in accordance with GDPR.

Why this matters

This case serves as a warning to businesses about the importance of implementing robust security measures and the necessity of promptly reporting data breaches. It stresses the need for compliance with GDPR to protect customer data.

GDPR Articles Cited

Art. 5(GDPR)
Art. 32(GDPR)
Art. 33(GDPR)
Lithuania enforcementValstybine duomenu apsaugos inspekcija actionsAll Payment service provider UAB MisterTango actions
Full Legal Summary
Detailed

During an inspection, the Lithuanian Data Protection Supervisory Authority found that the controller processed more data than necessary to achieve the purposes for which he was a controller. In addition, it became known that from 09 - 10 July 2018 payment data were publicly available on the internet due to inadequate technical and organisational measures. 9,000 payments with 12 banks from different countries were affected. According to the supervisory authority, a data breach notification pursuant to Art. 33 GDPR would have been necessary. The controller did not report the Data Breach.

Related Enforcement Actions (0)

No other enforcement actions found for Payment service provider UAB MisterTango in LT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

16 May 2019

Authority

Valstybine duomenu apsaugos inspekcija

Fine Amount

€61,500

Enforcement Tracker ID

ETid-40

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Payment service provider UAB MisterTango - Lithuania (2019). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: