- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Kyle Brasseur2024-03-11T15:54:00
The Italian data protection authority, Garante, announced a fine of 2.8 million euros (U.S. $3 million) against UniCredit for alleged violations of the General Data Protection Regulation (GDPR) regarding insufficient security measures the bank had in place during a cyberattack.
The penalty, assessed in February but revealed by Garante in a translated newsletter Thursday, came in response to a 2018 data breach at UniCredit that exposed the information of hundreds of thousands of customers.
UniCredit said in an emailed statement it would challenge the regulator’s decision.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
Spain’s data protection authority fined retailer Uniqlo Europe 270,000 euros (U.S. $294,000) over admitted violations of the European Union’s General Data Protection Regulation.
The Czech Republic’s data protection authority issued a fine of 351 million Czech koruna (U.S. $15 million) against antivirus software vendor Avast for alleged violations of the General Data Protection Regulation.
AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.
Becton Dickinson medical device company will pay $175 million for “repeatedly” misleading investors about its Alaris infusion pump, a product the company knew was flawed and was sold without the required patient-safety approvals, the Securities and Exchange Commission said.
The Securities and Exchange Commission charged bankrupt fashion retailer Express with failing to disclose nearly $1 million in perks to a former chief executive, but did not levy a financial penalty thanks to its cooperation, the SEC said.
A Minnesota transportation company agreed to pay nearly $258,000 to settle allegations that a subsidiaries violated sanctions against Cuba and Iran more than 80 times, the U.S. Treasury Department’s Office of Foreign Assets Control said.
