AKI imposed a large fine on the manager of Apotheka's data

The Data Protection Inspectorate (AKI) imposed a large fine on Allium UPI OÜ, the company managing Apotheka's loyalty program. The fine amounts to three million euros. The company did not adequately protect its customers' data.

The security issue occurred at the beginning of 2024. The investigation revealed that Allium UPI did not use basic security measures. Unauthorized individuals gained access to customer data. The leaked data included personal information such as names, personal identification codes, phone numbers, and addresses. Additionally, purchase history was leaked, which contained information about health and intimate life.

Allium UPI did not use several important security measures. For example, multi-factor authentication was missing. Multiple people also used the same administrator account. Database backups were stored insecurely.

AKI Director General Pille Lehis stated that the protection of customer data must be very important for the company. Allium UPI did not properly protect the data. This endangered the privacy of hundreds of thousands of people.

AKI lawyer Jekaterina Aader added that AKI's task is to protect individuals whose data has been leaked. The purpose of the fine is to compel companies to improve their security systems.

The size of the fine was determined taking into account the extent of the violation, the sensitivity of the data, and the company's turnover. The decision was made based on European Union rules. The fine decision has not yet come into force. The company has 15 days to contest it.