The sum of £ 120,000 fine for details of employees remaining exposed.
Just before the new European privacy law came into effect, the responsible body in Britain decided to fine the University of Greenwich with an unprecedented £120,000. The University held an event in 2004 that was attended by a large number of people, and details of 20,000 employees, students and graduates of the academic institution remained unsafe. And were in fact hacked.
Until the introduction of the GDPR Act, there is a 1998 regulation that Greenwich University had to take much better security measures. Three years after the incident, attackers threatened to publish information of 3,500,000 people, including sensitive details that included diseases, learning difficulties and other details, the regulator reported.
“Students and members of staff had a right to expect that their personal information would be held securely and this serious breach would have caused significant distress,”
The university of course took responsibility for its irresponsibility and intends to pay the fine in full. In three days, the new law on information security for European citizens will come into force, with one of the tools for dealing with organizations that do not meet it is a fine that will be derived from the organization’s profits or up to 20 million euros.