AKI gave Allium UPI OÜ a big fine. The fine is three million euros. Allium UPI is a company. It manages Apotheka’s loyalty program. The company did not protect customer data well.
There was a security problem in early 2024. Unauthorized people got customer data. The leaked data had names, ID numbers, phone numbers, and addresses. Purchase history also leaked. It had info about health and private life.
The company did not use important security measures. For example, there was no multi-level authentication. Many people used the same administrator account. Database backups were not kept safely.
The fine is big because the problem is big. The decision is based on EU rules. The fine is not final yet. The company has 15 days to appeal.