The Data Protection Authority imposed a €6,000,000 fine on Cosmote and €3,250,000 on OTE for leaking the personal data of millions of consumers.
Following COSMOTE’s notification of the personal data breach incident that was identified in early September 2020, the agency investigated the circumstances and, in this context, examined the legality of storing “leaked” files, as well as the security measures applied by the company.
What is the company’s response?
After the announcement of the Office for the Protection of Personal Data (Αρχή Προστασίας Δεδομένων Προσωπικού Χαρακτήρα, APDP) of its decision on the cyber attack incident with the victim of COSMOTE, which occurred in September 2020, the company notes that it has applied and is implementing all available measures to protect itself. They discovered the cyber attack themselves, taking all the necessary measures, and informed the competent authorities from the first moment, as provided.
As acknowledged by the Office of the APAP, the company fully cooperated with them and took appropriate measures to eliminate the incident. As for the affected customers of the company, no action was required. In any case, the company does not lose its legal rights.
The phenomenon of cyberattacks is a daily occurrence all over the world, for all technological systems of companies, organizations and institutions. OTE Group counters over 500,000 third-party malicious attacks every month.