GDPRTransport

PKP Intercity

€1,800,000

Authority

UODO

Country

Poland

Date Issued

November 10, 2022

Industry

Transport

Summary

PKP Intercity failed to implement appropriate security measures to protect passenger data, leading to unauthorized access and inadequate breach notification.

Violation Types

SecurityData Breach

Articles Violated

Art. 32 GDPRArt. 33 GDPR

View original enforcement decision

View Poland regulatory profile →Search related breaches →

Related Enforcement Actions

Meta Platforms Ireland

DPC · GDPR · May 22, 2023

€1.2B

Amazon Europe Core

CNPD · GDPR · July 16, 2021

€746M

X Corp

DPC · GDPR · December 1, 2023

€550M

Meta Platforms Ireland

DPC · GDPR · September 5, 2022

€405M

Meta Platforms Ireland

DPC · GDPR · January 4, 2023

€390M

Avoid enforcement risk with automated compliance

IQWorks helps organizations automate GDPR compliance before regulators come knocking.

Talk to an Expert