The company which owns the telecom was made to pay damages to customers whose sensitive data was exposed in a 2013 hack.
MBL reports that Reykjavík District Court ruled in favour of three plaintiffs who sought damages against Fjarskipti hf, the company which owns Vodafone in Iceland, when sensitive customer data was exposed in the wake of a cyberattack in 2013.
In all, the plaintiffs were awarded 2.7 million ISK in damages. While the grand total is less than what any one of them sought, Fjarskipti hf was also ordered to pay for their legal fees, and interest will be compounded on the damages. They were also ordered to step up their security measures.
As reported, despite initial contentions to the contrary, it came to light that Vodafone had been storing customer data on their servers far longer than they were supposed to. This led to even some customer text messages being made public.
Ultimately, the Data Protection Authority ruled that storing these text messages was in violation of Iceland’s law on privacy protection and the treatment of personal information.
The hacker group not only broke into Vodafone’s servers, but also published the texts, passwords, and personal data of over 70,000 Vodafone customers in Iceland.