Losses of personal data are running at an "alarming" rate, according to the Information Commissioner, Richard Thomas.
| |||||||||||||||||
Requires Free Membership to View
SearchSecurity.co.UK members gain immediate and unlimited access to breaking UK industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.co.UK today!
Michael S. Mimoso, Editorial Director
This week he revealed that since the notorious loss of 25 million records by HMRC last November, 94 other organisations have notified his office of security breaches involving personal information.
In a written statement, Thomas said: "It is particularly disappointing that the HMRC breaches have not prevented other unacceptable security breaches from occurring. The government, banks and other organisations need to regain the public's trust by being far more careful with people's personal information."
The public sector accounted for 62 breaches, private companies reported 28 incidents, and the remaining four occurred in the charity sector.
The incidents covered the whole gamut of security breaches, and included the loss of unencrypted laptops and computer discs, memory sticks and paper records. Information had been stolen, gone missing in the post or in transit with a courier. The material included a wide range of personal details, including financial and health records.
Since the UK has no mandatory disclosure laws, the number of reported cases is viewed as the tip of a much larger iceberg. Chris Potter, a partner at PWC, said: "The real figures are much larger. The big financial institutions are now more ready to disclose any breach to the regulators, but smaller companies are less likely to."
Thomas said that in 16 of the cases his office is investigating, he had requested changes in procedures to improve security, such as implementing encryption. In three cases, the information had been recovered.
For information, go to www.ico.gov.uk