National Revenue Agency – €2,600,000 Fine (Bulgaria, 2019)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Bulgaria's National Revenue Agency was fined for a massive data breach affecting 6 million people. The breach happened because of poor security measures. This case highlights the critical need for strong data protection practices to prevent unauthorized access.
What happened
A data breach at the National Revenue Agency exposed personal data of about 6 million people due to inadequate security measures.
Who was affected
Approximately 6 million individuals whose personal data was compromised in the breach.
What the authority found
The authority concluded that the agency failed to implement adequate security measures to protect personal data, leading to the breach.
Why this matters
This case serves as a stark reminder for organizations to prioritize data security and implement robust measures to protect personal information. It highlights the severe consequences of failing to safeguard data against cyberattacks.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
Leakage of personal data in a hacking attack due to inadequate technical and organisational measures to ensure the protection of information security. It was found that personal data concerning about 6 million persons was illegally accessible.
Related Enforcement Actions (1)
Other enforcement actions involving National Revenue Agency in BG
Details
Fine Date
28 August 2019
Authority
Commission for Personal Data Protection
Fine Amount
€2,600,000
Enforcement Tracker ID
ETid-71
About this data
Cite as: Cookie Fines. National Revenue Agency - Bulgaria (2019). Retrieved from cookiefines.eu
Last updated: