PNC Data Loss – Where are the Backups?

Many of us woke up in the UK this morning to the story that, unbelievably, 150 000 records had been erroneously deleted from the Police National Computer.  The data loss, which occurred during a regular weekly purge of data, has been attributed to a coding error which has now been rectified.  Reassuring as this may […]

Information Commissioner Fines Marriott International £18.4m

Following hot on the heels of the announcement of a £20m fine for BA, the Information Commissioner’s Office (ICO) issued a final penalty of £18.4m on Marriott International last Friday.  Once again, this has been a long-running saga including, as with BA, the proposal last year of a much larger fine of £99m.  It also brings […]

High Profile Data Breaches at Virgin Media and Network Rail

Understandably we are all focused on the growing threat of coronavirus; but that doesn’t mean that other risks have gone away.  In particular this week we saw announcements of high-profile data breaches at Network Rail and Virgin Media. On Monday it emerged that the email addresses and travel details of about 10,000 people who used […]

GDPR Fines Starting to Bite

A report published recently by DLA Piper looks at the impact of GDPR, 18 months on from coming into force across the EU.  So far 160 000 breaches have been reported, including: 40 000 in the Netherlands; 37 000 in Germany; and 22 000 in the UK. The report states that the fines imposed to […]

ICO Reports Increase in Data Protection Concerns and Self-Reported Breaches

The Information Commissioner’s Office (ICO) published its report for the year 2017/18 last month, containing a useful update on the prevalence of information security issues. Firstly, the ICO reported that the number of data protection concerns raised had risen to 21019 (up 15% from last year).  In a similar pattern to last year, 32% of […]

A Busy Week for the Information Commissioner's Office

Last week was a very busy week for the ICO – and nothing to do with GDPR…. First came the announcement on 12th June that Yahoo! UK Services Ltd was being fined £250 000 for the massive data breach in 2014 (disclosed in 2016) affecting 500 million users globally.  Specifically, the ICO’s investigation focused on […]

Big Rise in Cyber Essentials Certifications Over the Last Three Months

There appears to have been a big rise in the number of organisations certifying to the Cyber Essentials standard over the last three months.  Data from the four certifying bodies in August 2017 revealed that nearly 4600 organisations were certified at that stage, but this has now risen to over 5500; an increase of more […]

Extremely Sensitive Data Breaches

We are now becoming so used to data breaches that only the most spectacular example receive much attention.  Usually they are spectacular because of the sheer volume of data, such as the Yahoo! breach of 2013; but on this occasion the newsworthy feature of the attacks is the sensitivity of the data that was compromised. […]

15% of Organisations have "Lost Sensitive Data" in the Last Year

According to the Business Continuity Institute’s (BCI) inaugural Information Security Report, 15% of organisations “lost sensitive data” in the last 12 months. Indeed the actual figure could be higher, as a further 15% don’t know if they did or didn’t. Whatever the precise figure, it is broadly in line with a report from IBM in […]

TalkTalk Fined Again by the Information Commissioner's Office

The October 2015 data breach at TalkTalk, resulting in the theft of personal data of almost 157,000 customers and a record £400 000 fine, has been widely reported  here and elsewhere.  However, another serious breach has not been so widely reported. TalkTalk began investigating in September 2014, after receiving complaints from customer that they were […]