Details:
| Summary | The Hungarian DPA (NAIH) imposed a fine of HUF 50,000 (EUR 1,385) on Next Time Media Ügynökség Kft. (Next Time Media Agency Ltd.). The web agency had been contracted by the travel agency Robinson Tours Idegenforgalmi és Szolgáltató Kft. (Robinson Tours Ltd.) to develop and operate the travel agency’s online reservation system. However, the database was not only supplemented with test data, but also with real data of Robinson Tours’ customers. In total, the data of 781 people was compromised. During the period from November 13, 2019, to February 4, 2020, these data were accessible to anyone and could be found via Google. The DPA found that Next Time Media Agency Ltd. did not take adequate technical and organizational measures to ensure the security of the personal data. |
| Link: | link |
| Related articles: | Art. 32 (1) GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 1,385 |
| Sector | Media, Telecoms and Broadcasting |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/