The Spanish Data Protection Agency (AEPD) has fined BBVA 1.64 million euros for violating several articles of privacy regulations in its management of the case of an elderly woman whose card and bank account were stolen. and their identity documents. With this information, the assailants contracted new credit cards associated with the stolen account, requested loans, made fraudulent charges, transfers and opened new accounts in the victim’s name. Although her family had notified the entity of the situation, it claimed the debt incurred by the criminals for months.
The BBVA even registered the elderly woman in several files of defaulters, which caused her to be contacted by companies specialized in debt collection that pressured her to pay the overdraft on her accounts that the criminals had caused.