Swedish DPA fines Trygg-Hansa $3.2M for GDPR breaches
By 
Kyle Brasseur2023-08-31T16:55:00
Sweden’s data protection authority (DPA) issued a penalty of 35 million Swedish krona (U.S. $3.2 million) against insurance company Trygg-Hansa for alleged security flaws that made customer insurance information accessible on the internet.
The issue occurred in November 2020 at Moderna Försäkringar, which Trygg-Hansa merged with in April 2022, the company said in a translated clarifying statement. Trygg-Hansa said the issue did not affect its customers.
The Swedish DPA said in a translated press release Wednesday its review, informed by a customer tip, found the data of 650,000 Moderna Försäkringar customers was left accessible from October 2018 to February 2021. The tipster “noticed that it was possible to access other policyholders’ documents, without any kind of login, by simply replacing a few numbers in the web link,” according to the regulator.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefAxpo Italia fined $10.5M in GDPR case over data processing
Axpo Italia, a producer and trader of renewable energy products, was penalized under the General Data Protection Regulation by the Italian data protection authority for processing inaccurate and outdated personal data of customers.
-
News BriefEOS Matrix battles back against Croatian DPA in $5.8M GDPR case
Debt collector EOS Matrix said it will challenge a General Data Protection Regulation penalty levied against it by the Croatian data protection authority after finding the data in question in the case does not match the data in its database.
-
PremiumPressure on DPAs to ensure success of GDPR cross-border proposal
Plans to speed up General Data Protection Regulation cases against the likes of Big Tech firms by improving cooperation among the European Union’s data regulators have been largely welcomed by experts.
More from Regulatory Enforcement
-
News BriefFTC sues Uber over deceptive subscriptions, a rare move for consumers by Trump officials
The Federal Trade Commission (FTC) filed a lawsuit against Uber, alleging the ride-hailing company signed customers up for its Uber One subscription without consent, then made it hard for them to cancel. The move marks the U.S. government’s latest broadside against big tech companies, and the first major action from ...
-
News BriefCFPB pullback signals further shift toward industry-friendly regulation
The U.S. Consumer Financial Protection Bureau continues to unravel amid pressure from Trump administration officials to shutter the agency. Not only has the agency informed its employees that it will no longer be a watchdog for the financial services industry, it has also laid off employees despite court orders blocking ...
-
News BriefTrump’s CFPB, dismissing Comerica case, continues to cut down Biden-era lawsuits
The Consumer Financial Protection Bureau dropped yet another consumer protection lawsuit against a bank or fintech provider since Donald Trump was sworn in as president in January. This time, it was with Comerica Bank.