CNIL to impose a fine of 200 000 USD on Active Assurances

Tweet

Active AssurancesThe National Commission on Informatics and Liberty (CNIL) has fined Active Assurances 180 000 EUR (200 000 USD) following security problems of the insurer's customers.

The investigation carried out by the independent administrative authority has revealed a security flaw in the website of the insurance company: Active Assurances.

In fact, the security of policyholders' accounts is vulnerable as they are accessible via hyperlinks referenced on search engines. This security breach, damaging thousands of accounts, was reported by a customer in June 2018. Many terminations have since been recorded.

The CNIL has also pointed to the following shortcomings:

  • insufficient security of the passwords chosen based on the customers' birth date.
  • lack of protection in the transmission of personal data, the password and username being transmitted in plain text in the body of the emails.

The CNIL's entity in charge of imposing sanctions believes that the company has violated the obligation to secure personal data as established in the General Data Protection Regulation (GDPR). However, it acknowledges the company's good responsiveness and the quality of its cooperation.

Read also | Insurance fraud

0
Your rating: None
Tue, 30/07/2019 - 10:09
© 2024 Groupe Atlas
Advertising Program          Terms of Service          Copyright          Useful links          Social networks          Credits