Cyprus
Open University of Cyprus
45,000 €
GDPR enforcement action by Cypriot Data Protection Commissioner on 2023-11-22.
Rank · Sector
#71
of 357 in Public Sector and Education
Rank · Cyprus
#3
of 47
Rank · All fines
#766
of 3,051
Case details
- Authority
- Cypriot Data Protection Commissioner
- Date
- 2023-11-22
- Controller / Processor
- Open University of Cyprus
- Sector
- Public Sector and Education
- Quoted Articles
- Art. 5 GDPR, Art. 32 GDPR
- Type of violation
- Insufficient technical and organisational measures to ensure information security
Summary
The Cypriot DPA has imposed a fine of EUR 45,000 on Open University of Cyprus. The university had suffered a data breach involving hackers publishing personal data of students, alumni etc. on the dark web. During its investigation, the DPA found that the university had failed to implement appropriate technical and organizational measures to protect personal data.
Open original source
Links to the regulator's original publication or another source.
Related fines
Cyprus
2021-11-12
925,000 €
ETid-909
WS WiSpear Systems Ltd
Industry and Commerce
Cyprus
2019-10-25
70,000 €
ETid-179
LGS Handling Ltd, Louis Travel Ltd, and Louis Aviation Ltd
Employment
Cyprus
2021-03-03
40,000 €
ETid-581
Electricity Authority of Cyprus
Employment
Cyprus
2021-09-06
40,000 €
ETid-830
APOEL FC
Individuals and Private Associations
Cyprus
2021-09-06
40,000 €
ETid-831
AC Omonia
Individuals and Private Associations
Cyprus
2021-03-03
25,000 €
ETid-578
Hellenic Bank
Finance, Insurance and Consulting