Hertz France must pay a 40,000 euros fine after personal information from almost 36,000 of its customers was found to be easily available online, according to a report by The Connexion.
The fine is a first of its kind in France for this type of data breach, according to the report. The Law for a Digital Republic was enacted in 2016.
Names, addresses, and driver’s license numbers of 35,357 people were found accessible on a website owned by Hertz France after investigations by the CNIL (the commission on computing and freedom), says the report.
The breach occurred due to an error by an outside contractor who had been developing the website. An accidental deletion of code meant that the details were republished publicly, according to the report.
The CNIL issued the fine after discovering that Hertz had failed to take all measures to safeguard the security of personal details of its customers, says the report.
Click here for the full Connexion report.