The Norwegian Supervisory Authority has issued a 170 thousand euro GDPR penalty. The grounds for such penalty consist of not having taken appropriate measures to ensure Personal Data Security, Confidentiality and Privacy under GDPR Articles 5 and 32. The penalty was issued towards the Municipality of Bergen for a breach reported by students of a local Public School (the school is managed by the Municipality).

Read more here: https://www.linkedin.com/pulse/fresh-170k-euro-gdpr-penalty-just-having-one-single-file-rui-serrano/?sfns=mo