Norway's data protection authority, Datatilsynet, announced a fine of NOK 4 million against municipality Ostre Toten due to security deficiencies that led to a ransom attack on its IT systems and data in January. The ransomware attack compromised all personal information of Ostre Toten residents and employees, some of which was later published online. Datatilsynet will also require Ostre Toten to develop a secure management system and carry out risk assessments.
26 Oct. 2021
Norway DPA fines municipality NOK 4M
Related stories
A view from Brussels: Putting AI to the test on EU privacy, data protection developments
Why organizations should prioritize employee data protection to combat spear phishing
Notes from the Asia-Pacific region: Santa's on his way, bringing guidance from Singapore's PDPC, adoption of Vietnam's Data Law and more
EDPB weighs in on key questions on personal data in AI models
New tools aim to improve data activity monitoring, compliance efficiency
