Sweden’s data protection authority (DPA) issued a penalty of 35 million Swedish krona (U.S. $3.2 million) against insurance company Trygg-Hansa for alleged security flaws that made customer insurance information accessible on the internet.
The issue occurred in November 2020 at Moderna Försäkringar, which Trygg-Hansa merged with in April 2022, the company said in a translated clarifying statement. Trygg-Hansa said the issue did not affect its customers.
