Details:

Summary Original Fine Summary: ING Bank has not taken appropriate technical and organisational measures for an automated data processing system during the settlement process of card transactions affecting 225,525 customers, resulting in double transactions being executed between 8 and 10 October. Update: The Bucharest Court of Appeal overturned the fine of EUR 80,000.
Link: link link
Related articles:  Art. 32 GDPR
Type: Insufficient technical and organisational measures to ensure information security
Fine: EUR 0
Sector Finance, Insurance and Consulting

 

All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/

Tags: case law