Roskomnadzor asks Oriflame to provide info on data leak incident
MOSCOW. Aug 24 (Interfax) - Oriflame has been asked to explain a client data leak or face a fine, the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) told Interfax on Tuesday.
"Following a leak of the personal data of the Russian clients of the cosmetics company Oriflame, Roskomnadzor sent a relevant request to the company demanding it provide detailed information on the incident," the regulator said.
"If the fact is confirmed that Oriflame breached its obligation to protect personal data confidentiality the company could face an administrative fine of up to 100,000 rubles (part one Article 13.11 of the Administrative Code)".
"At present, the stolen database of Oriflame clients had been detected on three Internet resources. Two of them have been blocked and the third deleted the link to the base," Roskomnadzor said.
Affected citizens are entitled to a commensurate compensation both in court and out of court, the regulator said.
Earlier, the Kommersant newspaper reported that passport scans of 1.3 million Russian Oriflame clients were put up for sale on a hacker forum. The company stated on its website that it had been hit by a series of cyberattacks which led to unauthorized access to its information systems.