Fine was imposed on the mobile operator in Romania Orange as it did not secure the confidential information of its customers.
The issue was discovered by a customer who gave his phone for repair and received a temporary device to use it until the repair on his own device was completed.
The customer noticed that the temporary device contained personal information of previous users, including automatic log-in for online services, details of bank account balances, text messages, and a list of their contacts.
The customer informed Orange about the items on the device, but he claimed that his complaint had not been taken into account by the company.
The National Supervisory Authority for the Processing of Personal Data (ANSPDCP) in Romania investigated the incident and concluded that Orange did not comply with the rules for securing confidential information.
As a result, the company received the fine of 10.000 RON / € 2.255 / $ 2.800, given that the temporary telephone equipment provided by the repair department is owned by Orange.