"France's data protection regulator has fined the software company Nexpublica France €1.7 million ($2 million) for poor cybersecurity practices in the wake of a data breach. In November 2022, users of a Nexpublica portal reported they could access documents about third parties. France's data regulator, known as CNIL, investigated the incident and found that Nexpublica's data security program was inadequate, according to an agency press release."
"On December 22, CNIL levied the fine, which it said is based on the company's "financial capacity, its lack of knowledge of basic security principles, the number of people affected and the sensitivity of the data processed." Read more at The Record."
In November 2022 users of a Nexpublica portal were able to access documents about third parties, exposing sensitive information. CNIL investigated and determined that Nexpublica's data security program was inadequate. On December 22 CNIL fined Nexpublica France €1.7 million ($2 million) for poor cybersecurity practices connected to the breach. CNIL said the penalty reflected the company's financial capacity, its lack of knowledge of basic security principles, the number of people affected, and the sensitivity of the data processed. The sanction enforces regulatory standards for data protection and security.
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]