Bulgaria
DSK Bank
511,000 €
GDPR enforcement action by Data Protection Commision of Bulgaria (KZLD) on 2019-08-28.
Rank · Sector
#42
of 322 in Finance, Insurance and Consulting
Rank · Bulgaria
#2
of 31
Rank · All fines
#235
of 3,042
Case details
- Authority
- Data Protection Commision of Bulgaria (KZLD)
- Date
- 2019-08-28
- Controller / Processor
- DSK Bank
- Sector
- Finance, Insurance and Consulting
- Quoted Articles
- Art. 32 GDPR
- Type of violation
- Insufficient technical and organisational measures to ensure information security
Summary
Leakage of personal data due to inadequate technical and organisational measures to ensure the protection of information security. Third parties had access to over 23000 credit records relating to over 33000 bank customers including personal data such as names, citizenships, identification numbers, adresses, copies of identity cards and biometric data.
Open original source
Links to the regulator's original publication or another source.
Related fines
Bulgaria
2019-08-28
2,600,000 €
ETid-71
National Revenue Agency
Public Sector and Education
Bulgaria
2022-05-04
500,000 €
ETid-1832
Bulgarian Post EAD
Transportation and Energy
Bulgaria
2019-09-03
28,100 €
ETid-140
National Revenue Agency
Public Sector and Education
Bulgaria
2019-02-26
27,100 €
ETid-7
Telecommunication service provider
Media, Telecoms and Broadcasting
Bulgaria
2022
12,800 €
ETid-1831
Political party
Individuals and Private Associations
Bulgaria
2023-01-26
12,800 €
ETid-2882
Political Party
Individuals and Private Associations