Ninety four more breaches reported since the HMRC case

By Ron Condon, UK Bureau Chief 23 Apr 2008 | SearchSecurity.co.uk

Security UK News Digg This!     StumbleUpon     Del.icio.us

Losses of personal data are running at an "alarming" rate, according to the Information Commissioner, Richard Thomas.

The government, banks and other organisations need to regain the public's trust by being far more careful with people's personal information. Richard Thomas, Information Commissioner

This week he revealed that since the notorious loss of 25 million records by HMRC last November, 94 other organisations have notified his office of security breaches involving personal information.

In a written statement, Thomas said: "It is particularly disappointing that the HMRC breaches have not prevented other unacceptable security breaches from occurring. The government, banks and other organisations need to regain the public's trust by being far more careful with people's personal information."

The public sector accounted for 62 breaches, private companies reported 28 incidents, and the remaining four occurred in the charity sector.

The incidents covered the whole gamut of security breaches, and included the loss of unencrypted laptops and computer discs, memory sticks and paper records. Information had been stolen, gone missing in the post or in transit with a courier. The material included a wide range of personal details, including financial and health records.

Since the UK has no mandatory disclosure laws, the number of reported cases is viewed as the tip of a much larger iceberg. Chris Potter, a partner at PWC, said: "The real figures are much larger. The big financial institutions are now more ready to disclose any breach to the regulators, but smaller companies are less likely to."

Thomas said that in 16 of the cases his office is investigating, he had requested changes in procedures to improve security, such as implementing encryption. In three cases, the information had been recovered.

For information, go to www.ico.gov.uk

Tags: Database Security Tools and Techniques,  Data Protection Solutions and Strategy,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Database Security Tools and Techniques Multifunction security device safeguards SOA, streamlines company's infrastructure Safend expands data leakage prevention product to plug more gaps How to prevent memory dump attacks Database activity monitoring lacks security lift Report: Firms avoid encrypting backup tapes, databases Cryptography for the rest of us Recent breaches show data theft prevention basics lacking Unpatched vulnerability discovered in Microsoft SQL Server How to use Excel for security log data analysis SQL injection continues to trouble firms, lead to breaches Data Protection Solutions and Strategy Enterprise data management: Prevent data loss and insider threats NSA, cryptoexperts jab at RSA Conference 2010 Cryptographers' Panel Make PCI DSS compliance easier by reducing scope, outsourcing data Data Protection Act fines likely limited, audit powers may expand Websense integrated security system aims to simplify security management Full disk encryption: Safer and easier than file and folder encryption No major PCI DSS revision expected in 2010 Data breach costs continue to rise in 2009, Ponemon study finds Chinese hacker attacks target Google Gmail accounts, top tech firms Annual security reports offer some hope

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Serious Organized Crime Agency  (SearchSecurityUK.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary