UK data breaches up tenfold since 2007

Data breaches in the UK across all sectors have increased an average of more than tenfold in the past five years, research has uncovered.

Data breaches in the UK across all sectors have increased an average of more than tenfold in the past five years, security firm Imation has uncovered.

The Information Commissioner’s Office (ICO) revealed the figures in response to a request by Imation under the Freedom of Information Act.

The figures show a huge growth in the number of self-reported data breaches occurring each year since 2007, with the biggest increase in the local government sector.

Data breaches in this sector have increased nearly 17 times since 2007, while in the other public sector organisations they have increased by nearly 14 times.

In contrast, the number of breaches in the private sector increased by nearly 12 times, while the number reported by the NHS is only a little over nine times greater. The number reported by central government is just under a third greater.

But the most recent results show that the NHS had the most incidents in the second quarter of 2012 with 61 breaches, closely followed by local government (59) and general business (26).

“The massive increase in data breaches in just five years is fairly startling,” said Nick Banks, head of Imation mobile security in Europe and Asia-Pacific.

“Perhaps more alarming, is the consistent year-on-year increase in data breaches since 2007. The figures obtained from the ICO by Imation seem to show that increasing financial penalties have had little effect on the number of data breaches each year,” he said.

Banks said that while factors such as the introduction of mandatory reporting in some sectors and the increasing amounts of data being stored have contributed to the rise in data breach numbers, none obscures the clear trend of constant increases.

“The latest full-year figures show that there were 821 data breaches in the UK in 2011/12, which is deeply worrying,” he said.

According to Banks, organisations must take responsibility for preventing breaches, and with so much available technology there really is no excuse for failing to adequately protect data.

“The current trend of increases must be reversed, and there is no reason why that is not achievable,” he said.


Read more on Privacy and data protection