Following procedures contained in the LGPD (Brazil’s new data protection law), the international company Enel, with operations in Brazil, has started contacting its customers in relation to a data breach affecting the data of at least 300 thousand clients in the city of Osasco. It is reported that the leak involved personal data, such as name, personal identity (CPF) and telephone numbers, and consumption data; such as address, meter-reading rates and even the payment history of its consumers, and affects an estimated 4% of the company’s customer base. It is still unclear how the leak occurred.
- Checklist Checklist: Managing a dawn raid Recently updated
- Checklist Checklist: When and how to appoint a data protection officer (EU) Recently updated
- Checklist Checklist: Data subject access rights under the GDPR (EU) Recently updated