In August 2022, the National Supervisory Authority completed the investigation of Curtea Veche Publishing SRL and fined the publisher 24,566 lei (equivalent to 5,000 EUR). The investigation was initiated due to the transmission by the operator of some messages about violations of the security of personal data. One of the violations of data security occurred as a result of posting on a public forum a file with the database of the operator’s customers for the period from 2019. – 2021 year.
This situation led to the unauthorized disclosure of certain personal data, such as the name, surname, phone number, e-mail, encrypted password, IP address from which the user account was created, of 10,739 of the operator’s customers.
The second data breach occurred as a result of a ransomware attack that resulted in unauthorized access and loss of integrity and availability of certain personal data of approx. 100 data subjects (employees and employees of Curtea Veche Publishing SRL).
During the investigation, the National Supervisory Authority found that the operator did not apply adequate technical measures to ensure a level of security that corresponds to the risk of the processing to the rights and freedoms of natural persons.
Photo: Dreamstime
Source: Hot News RO
Robert is an experienced journalist who has been covering the automobile industry for over a decade. He has a deep understanding of the latest technologies and trends in the industry and is known for his thorough and in-depth reporting.