Article

Ninety four more breaches reported since the HMRC case

Ron Condon

Losses of personal data are running at an "alarming" rate, according to the Information Commissioner, Richard Thomas.

The government, banks and other organisations need to regain the public's trust by being far more careful with people's personal information.
Richard Thomas,
Information Commissioner

This week he revealed that since the notorious loss of 25 million records by HMRC last November, 94 other organisations have notified his office of security breaches involving personal information.

In a written statement, Thomas said: "It is particularly disappointing that the HMRC breaches have not prevented other unacceptable security breaches from occurring. The government, banks and other organisations need to regain the public's trust by being far more careful with people's personal information."

The public sector accounted for 62 breaches, private companies reported 28 incidents, and the remaining four occurred in the charity sector.

The incidents covered the whole gamut of security breaches, and included the loss of unencrypted laptops and computer discs, memory sticks and paper records. Information had been stolen, gone missing in the post or in transit with a courier. The material included a wide range of personal details, including financial and health records.

Since the UK has no mandatory disclosure laws, the number of reported cases is viewed as the tip of a much larger iceberg. Chris Potter, a partner at PWC, said: "The real figures are much larger. The big financial institutions are now more ready to disclose any breach to the regulators, but smaller companies are less likely to."

Thomas said that in 16 of the cases his office is investigating, he had requested changes in procedures to improve security, such as implementing encryption. In three cases, the information had been recovered.

For information, go to www.ico.gov.uk


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy