Details:
Summary | Fine for security vulnerabilities in a mobile messaging app developed for use in an Oslo school. The app allows parents and students to send messages to school staff. Due to insufficient technical and organizational measures to protect information security, unauthorized persons were able to log in as authorized users and gain access to personal data about students, legal representatives and employees. The fine has meanwhile been reduced to EUR 120.000, see link |
Link: | link |
Related articles: | Art. 32 GDPR |
Type: | Insufficient technical and organisational measures to ensure information security |
Fine: | EUR 120,000 |
Sector | Public Sector and Education |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/