Security News > 2021 > November > Surveillance firm pays $1 million fine after 'spy van' scandal
The Office of the Commissioner for Personal Data Protection in Cyprus has collected a $1 million fine from intelligence company WiSpear for gathering mobile data from various individuals arriving at the airport in Larnaca.
While this is just an administrative fine under the European Union's General Data Protection Regulation, it is related to a scandal two years ago widely publicized as the "Spy van" case.
In 2019, a Chevrolet van packed with at least $3.5 million worth of equipment that could hack Android smartphones and steal data including WhatsApp and Signal messages, was stationed near the Larnaca airport.
€925,000 fine for collecting MAC and IMSI. In a press release today, the data protection watchdog in Cyprus announced that WiSpear paid an administrative fine of 925,000 euros for GDPR violations.
Irene Nicolaidou, the Commissioner for the Protection of Personal Data in Cyprus said that WiSpear's van collected the Media Access Control address and International Mobile Subscriber Identity of multiple devices.
When the "Spy van" scandal broke in 2019, local media said that the Cyprus police seized the vehicle in mid-November and started an investigation months after Forbes journalist Thomas Brewster published a story about Tal Dilian, the owner of the van and CEO of WiSpear.