For breaching the Protection Obligation, a financial penalty of $26,000 was imposed on Cognita Asia Holdings for failing to put in place reasonable security arrangements to protect the personal data in its possession from a ransomware attack.

QCP Capital was found not in breach of the PDPA in relation to an incident whereby threat actor(s) exfiltrated personal data via unauthorised access to an employee's account.

Access the Decisions here.

Follow us on Telegram for the latest updates on personal data protection: https://t.me/pdpcsg