Details:

Summary The company had failed to take adequate technical and organisational measures to ensure data security, which led to the publication on Facebook of a document containing a password for access to personal data of 436 customers.
Link: link
Related articles:  Art. 32 GDPR
Type: Insufficient technical and organisational measures to ensure information security
Fine: EUR 15,000
Sector Industry and Commerce

 

All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/

Tags: case law