ITALY'S data protection authority fined WINDTRE €1.7 million due to severe data security issues that resulted in unauthorized breaches and exposure of personal information of over 365,000 customers. The breaches occurred after hackers impersonated support technicians to access corporate systems. Deficiencies in managing login credentials and digital certificates were cited, as security audits failed to reveal vulnerabilities.
The Authority stressed compliance with GDPR principles, mandated improvements in digital security measures, and considered the company's timely incident reporting and cooperation during the investigation.