Fan Courier, the largest courier company in Romania, was fined a considerable amount by the Romanian authorities, and all because it failed to properly protect its customers' data. According to the representatives of the National Supervisory Authority for the Processing of Personal Data. those from Fan Courier received a fine of 11.000 euros due to a security incident that affected the data of 1100 customers.
Fan Courier has not detailed the exact security incident that would have led to the application of this fine in the amount of 1100 euros, so we do not know exactly what happened, but probably the customer data was disclosed to third parties. You can see below what the authorities said about the sanction applied to those from Fan Courier, but this is not the first of its kind applied against any company in Romania by the authorities.
Fan Courier still has a smaller fine than those applied to other companies, in other cases the values are much higher than the 11.000 euros that we see imposed now by the authorities in Romania.
"The sanction was applied to the operator because it did not implement adequate technical and organizational measures in order to ensure a level of security corresponding to the processing risk generated in particular, accidentally or illegally, by the destruction, loss, modification, unauthorized disclosure or unauthorized access to data with personal data transmitted, stored or processed in another way, which led to the loss of personal data (surname, first name, card number, card security code (cvv), cardholder address, personal numerical code, series and card number identity, IBAN account number, approved credit limit, mailing address) and to the unauthorized disclosure/access of personal data, being affected by the security incidents a number of approximately 1100 targeted natural persons, although the operator had the obligation to take adequate security measures of personal data according to the provisions of art. 5 para. (1) lit. f of the GDPR."
