Norway's data protection authority, Datatilsynet, announced a fine of NOK 4 million against municipality Ostre Toten due to security deficiencies that led to a ransom attack on its IT systems and data in January. The ransomware attack compromised all personal information of Ostre Toten residents and employees, some of which was later published online. Datatilsynet will also require Ostre Toten to develop a secure management system and carry out risk assessments.
26 Oct. 2021
Norway DPA fines municipality NOK 4M
RELATED STORIES
Notes from the IAPP Canada: DPAs to gather for 46th Global Privacy Assembly
Presidential election 2024: Where the candidates stand on privacy and AI governance policy
A view from DC: US government builds AI governance through policies, panels and procurement
Ontario IPC's Transparency Challenge submissions showcase personal data utilization
Notes from the Asia-Pacific region: Facial recognition in focus for NZ