Weak authorization. Price: €9 550 000

Weak authorization. Price: €9 550 000

The German teleoperator 1 & 1 Telecom GmbH has been fined 9.55 million euro for non-compliance with the GDPR.It has been found that customers only had to state name and birth date to access additional personal information in 1&1s call centers.The German BfDI finds that 1&1 is violating the demand for organizational and technical measures in article 32. The fine is issued although 1&1 has been very cooperative, and also solved the problems it had with poor authentication and extensive information access for their callers.https://www.bfdi.bund.de/SiteGlobals/Modules/Buehne/DE/Startseite/Pressemitteilung_Link/HP_Text_Pressemitteilung.html