On 9 July 2020, following a data breach notification, the Romanian Data Protection Authority announced a fine of EUR 15,000 was imposed on an operator in the leasing sector for failure to comply with the security of processing requirements provided under Article 32 para. (1) and (2) of the GDPR.
A corrective measure was also applied to review and update the technical and organizational measures ensuring data security.
The full press release is available here (only in Romanian).
