Cipher Octopus

Location of Reported GDPR Violation:

Germany

Articles Violated:

• Article 32: A caller could obtain extensive information on personal customer data from the company's customer service department simply by entering a customer's name and date of..

Location of Reported GDPR Violation:

   Netherlands

Articles Violated:

• Art. 32 GDPR: Did not use multi-factor authentication when accessing the online employer portal; security was inadequate. Employers and health and safety services were able to..

Location of Reported GDPR Violation:

   Germany

Articles Violated:

• Art. 5 GDPR, Art. 25 GDPR: Personal data of tenants were stored without checking whether storage was permissible or even necessary, sometimes years after it was needed, and there..

Location of Reported GDPR Violation:

 Austria

Articles Violated:

• Article 5 (1) a: Created profiles of more than three million Austrians, which included information about their home addresses, personal preferences, habits and possible party..

Location of Reported GDPR Violation:

 Bulgaria 

Articles Violated:

• Article 32 GDPR: Personal data concerning about 6 million persons was illegally accessible.

Source:enforcementtracker.com

Location of Reported GDPR Violation:

 United Kingdom

Articles Violated:

• Article 32 GDPR: (Reported November 2018) Marriott failed to undertake sufficient due diligence when it bought Starwood hotels group (2016), whose systems were compromised as..

Location of Reported GDPR Violation:

United Kingdom 

Articles Violated:

• Article 32 GDPR: In September 2018 user traffic to the British Airways website was diverted to a fraudulent site, from which customer details were harvested by the attackers

Location of Reported GDPR Violation:

 France 

Articles Violated:

• Article 4.11: Obtained consents had not been given "specifically" and were not "unambigous"
• Article 5: Lack of transparency
• Article 6: Lack of legal basis
• Articles 13 and 14: ..