Thursday , April 18 2024
Home / News / Economy / Greece’s giant mobile phone operator fined with €9.5million over data breach

Greece’s giant mobile phone operator fined with €9.5million over data breach

Greece’s telecommunications giant mobile phone operator Cosmote and parent company OTE have been slapped with fines of over 9 million euros by Greece’s Data Protection Authority over a breach of user records in September 2020.

The Greek watchdog fined Cosmote 6 million euros for failing to protect a file containing the call histories of thousands of customers from hackers and OTE another 3.25 million euros for failing to provide the necessary security infrastructure to prevent such an attack, media reported.

According to the company, the records that were hacked did not include the users’ names, personal details, the content of their calls or messages, or any other very sensitive information.

According to reports by researcher

you can read the DPAs decision here:
(in Greek only)

— Apostolis Fotiadis (@Balkanizator) January 31, 2022

” rel=”noopener” target=”_blank”> Apostolis Fotiadis, the hacking of the servers originated from a Lithuanian IP, and massive data leak revealed the haphazard retention of data including the incomplete conduct of the impact assessment, poor implementation of the anonymisation process and incomplete security measures.

The leak, the size and content of which remains undefined, included phone numbers, base stations coordinates, IMEI and IMSI codes, timestaps, call durations, subscriber’s pricing plans, as well as sensitive personal data associated with 4,2 million users including age, gender, and average revenue per user. This is extremely sensitive data that in the hands of the wrong people could largely compromise someone’s device and privacy.

The fine decision was issued on January 27, 2022.

Check Also

“Our Seas are not for Sale!” Greenpeace urges Greece to do more on the seas protection

“Our Seas are not for Sale!” With this illuminated message on the Acropolis, the Sounion …

One comment

  1. So under Data Protection laws , failing to secure private phone records is punishable with a €9 mill fine whilst at the same time the deliberate sharing of private medical status records by the Gov is OK?? (Health records to the Tax Dept. to enable the extortion of €100 per month from un-vaxxed pensioners).