Italian DPA fines UniCredit $3M over data breach GDPR lapses
By 
Kyle Brasseur2024-03-11T15:54:00
The Italian data protection authority, Garante, announced a fine of 2.8 million euros (U.S. $3 million) against UniCredit for alleged violations of the General Data Protection Regulation (GDPR) regarding insufficient security measures the bank had in place during a cyberattack.
The penalty, assessed in February but revealed by Garante in a translated newsletter Thursday, came in response to a 2018 data breach at UniCredit that exposed the information of hundreds of thousands of customers.
UniCredit said in an emailed statement it would challenge the regulator’s decision.
Related articles
-
News BriefSpanish DPA dings retailer Uniqlo $294K over GDPR violations
Spain’s data protection authority fined retailer Uniqlo Europe 270,000 euros (U.S. $294,000) over admitted violations of the European Union’s General Data Protection Regulation.
-
News BriefCzech DPA fines Avast $15M over GDPR violations
The Czech Republic’s data protection authority issued a fine of 351 million Czech koruna (U.S. $15 million) against antivirus software vendor Avast for alleged violations of the General Data Protection Regulation.
-
News BriefAT&T: Data leak exposed info of 73M customers onto dark web
AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.
More from Regulatory Enforcement
-
News BriefDelta to pay $8.1 million over False Claims Act violations tied to pandemic aid
Delta Air Lines agreed to pay $8.1 million over allegations it violated the False Claims Act by exceeding employee compensation limits it agreed to when taking federal pandemic aid money.
-
News BriefDOJ and CFTC close investigations into crypto betting platform Polymarket, report says
The U.S. Department of Justice (DOJ) and the Commodity Futures Trading Commission (CFTC) reportedly ended two investigations into Polymarket, a popular online crypto betting service that calls itself a “prediction market.” The move continues the Trump administration’s pro-crypt agenda.
-
News BriefFTC fines telehealth firm over deceptive weight-loss claims and fake reviews
The U.S. Federal Trade Commission said it has settled with telemedicine service Southern Health Solutions, Inc. over allegations the company used deceptive pricing and weight-loss claims, along with fake reviews and testimonials, to sell its weight-loss programs.