France’s CNIL has fined NEXPUBLICA FRANCE €1.7 million for inadequate cybersecurity measures that led to a data breach affecting sensitive social services data. The fine highlights the importance of implementing strong security protocols, especially when handling highly sensitive personal information. #GDPR #NEXPUBLICA #DataProtection #SocialServicesData
Keypoints
- NEXPUBLICA FRANCE was fined for failing to secure sensitive social services data under GDPR regulations.
- The breach involved unauthorized access to third-party documents through the company’s portal in November 2022.
- The company’s security weaknesses existed despite prior internal and external audit reports highlighting vulnerabilities.
- CNIL found that NEXPUBLICA violated GDPR Article 32 by not implementing appropriate security measures.
- The €1.7 million fine aims to serve as a warning about the importance of addressing known security risks proactively.
Read More: https://thecyberexpress.com/gdpr-fine-on-nexpublica-france/