The national Commission on informatics and liberties (Cnil) has announced on Wednesday, having made a public warning against Cdiscount, a subsidiary of e-commerce Casino, for “serious violations” to the security of the data.
The commission, which states having received 80 complaints concerning the disclosure of data to unauthorized third parties, has conducted several monitoring missions between February and march 2016.
“The existence of multiple defects” has led the Cnil to engage in a procedure of sanction in the form of public warning, and a procedure of formal notice.
The Cnil points, in particular the storage in databases of several million accounts of former customers and prospects, without any suppression or limitation of the duration, or preservation of more than 4,000 data bank, associated to some of the cryptograms, visual, non-secure way.
If, since then, the company has put in place corrective measures, this public sanction is, however, justified due to the nature and the amount of data in question, ” added the commission.