Possible Decrease in Lost Devices by UK Government Departments

Whilst discussions of information security tend to focus on high-tech cyber attacks; the reality is that many data breaches are down to human error. Generally the biggest single cause of data breaches reported to the Information Commissioner’s Office is simply people sending information to the wrong people. Loss or theft of devices is another significant […]

Will Ransomware Attack Lead to Fuel Shortages in the US?

Concerns are growing about the impact of a ransomware attack on one of the major oil pipeline networks in the US.  The Colonial Pipeline, which carries 100 million gallons of refined oil products a day from Houston as far North as New York, has been closed since Friday following a ransomware attack. Emergency legislation has […]

Information Security Issues for New Alba Party

Only 48 hours after the dramatic launch of Alex Salmond’s Alba Party, the Herald on Sunday reported that the names of more than 4,000 people who had signed up to attend party events were inadvertently made public.  Amusingly (or not, depending on your viewpoint), the list apparently contained a number of high-profile SNP members.  The […]

Will the Number of GDPR Fines Keep Rising?

The GDPR Enforcement Tracker website shows a dramatic increase in the number of fines being issued for data breaches in recent months.  Across Europe only 75 fines were levied in the first two years after GDPR came into force, or about 3 fines per month.  However, in the last 9 months a further 72 fines […]

How Bad is the Serco Ransomware Attack?

Nearly a week on from Sky News breaking the story that Serco had been the victim of a ransomware attack, details of the incident are still very sketchy.  From a UK perspective, we are being reassured that the attack has only affected systems on mainland Europe; so that the NHS Test and Trace programme is […]

How Long Will SEPA be Disrupted by Ransomware Attack?

More details have emerged in the last couple of weeks of the significant impact of the ransomware attack on the Scottish Environment Protection Agency (SEPA) that began on Xmas Eve.  Nearly 4 weeks on, it has emerged that the email system is still down and that emails submitted since the attack began cannot be accessed.  […]

PNC Data Loss – Where are the Backups?

Many of us woke up in the UK this morning to the story that, unbelievably, 150 000 records had been erroneously deleted from the Police National Computer.  The data loss, which occurred during a regular weekly purge of data, has been attributed to a coding error which has now been rectified.  Reassuring as this may […]

Manchester United Hit by Cyber Attack

Whilst the news that Manchester United had been hit by a “sophisticated operation by organized cyber criminals” was widely reported on Saturday, little detail has emerged since.  In particular, there has been no update to the club’s original statement that “We are not currently aware of any breach of personal data associated with our fans […]

Information Commissioner Fines Marriott International £18.4m

Following hot on the heels of the announcement of a £20m fine for BA, the Information Commissioner’s Office (ICO) issued a final penalty of £18.4m on Marriott International last Friday.  Once again, this has been a long-running saga including, as with BA, the proposal last year of a much larger fine of £99m.  It also brings […]

Information Commissioner Finalises BA Penalty – What Have we Learnt?

The long-running saga of the BA data breach reached its conclusion (probably) last week with the announcement by the Information Commissioner’s Office (ICO) of a £20m fine.  Initial comments focused on the huge reduction from the £183m fine that the ICO initially proposed last year; but this is still a significant fine, both in total […]