Food company

€100K($108K USD)final

Date Issued

2019-10-24

Regulation

GDPR

Authority

Data Protection Authority of Baden-Wuerttemberg

Country

Germany

Violation Type

Failure to implement sufficient measures to ensure information security

Currency

EUR

Violation Summary

Upon creation of an applicant portal where interested parties could apply their documents for a job, the food company failed to encrypt the applicant portal. The transmission of the data had no encryption and the data storage was completely unencrypted and offered no password-protected security systems. Moreover, the data was linked to Google, so anyone could find the applicants’ documents and retrieve them after a simple Google search.

Articles Violated

Art. 5 GDPRArt. 32 GDPR

View Source Document →

Related Headlines

M&S profits almost wiped out after cyber hack left shelves empty - BBC

BBC · 11/5/2025

Key takeaways from Ireland’s DPC annual report - IAPP

IAPP · 6/19/2025

Southall sandwich company hit with £46,000 fine after listeria found in its products - ealing.news

ealing.news · 3/12/2025

Elliott Wins 5 Board Seats At Southwest, Ending Feud - WSJ

WSJ · 10/25/2024

Israel Targets Hezbollah Chief In Powerful Beirut Airstrike - WSJ

WSJ · 9/28/2024

Other Fines for Food company

Date	Regulation	Amount (USD)	Type
2019-10-24	GDPR	$108,000	Failure to implement sufficient measures to ensure information security