Forgetting a test server can cost you money. Slimpay was thus fined 180,000 euros for leaving the personal data of 12 million people on a non-secure server accessible through the Internet. Therefore, the CNIL chose to sanction the company and publish the reasons for the sanction on its site: the commission indicates that the server, in charge of an R&D project in 2015 that lasted one year, has remained accessible until 2020.
This blunder exposed the data of 12 million users, including personal data (marital status data, physical and email addresses and phone numbers) but also banking information, namely BIC and IBAN identifiers of the interested persons. A major mistake for a company specialized in payment management: the CNIL thus considers that “the risk associated with the infringement must be considered high” and that, therefore, the company should have individually informed the users affected by the exposure of the data, as required by law. Slimpay defends itself by explaining that the data has probably not been used fraudulently by third parties, but the CNIL recalls in its opinion that “the absence of proven harm to the interested parties does not affect the existence of the security defect. “
Article 32 of the RGPD specifies that companies are obliged to protect the personal data they process at “a level of security appropriate to the risk”. “Otherwise, they are subject to a sanction by the data protection authority in the event of an audit. The CNIL also noted breaches related to certain contractual provisions of Slimpay’s services. Therefore, the CNIL noted that the Contracts offered by Slimpay to its service providers did not contain clauses designed to guarantee that subcontractors comply with the provisions of the GDPR. A legal oversight that obviously does not help the company’s record, and that pushes the CNIL to publicly sanction the company .
Woodmart Theme Nulled, WP Reset Pro, Newspaper 11.2, Newspaper – News & WooCommerce WordPress Theme, Premium Addons for Elementor, Rank Math Seo Pro Weadown, WeaPlay, WordPress Theme, Plugins, PHP Script, Jannah Nulled, Elementor Pro Weadown, Woocommerce Custom Product Ad, Business Consulting Nulled, Jnews 8.1.0 Nulled, Avada 7.4 Nulled, Nulledfire, Dokan Pro Nulled, Yoast Nulled, Flatsome Nulled, PW WooCommerce Gift Cards Pro Nulled, Astra Pro Nulled, Woodmart Theme Nulled, Slider Revolution Nulled, Wordfence Premium Nulled, Elementor Pro Weadown, Wpml Nulled, Consulting 6.1.4 Nulled, Fs Poster Plugin Nulled