
    Guardian (UK): Privacy is at risk owing to basic security failures, warns information regulator

    The Guardian reports on warnings concerning privacy by the UK Information Commissioner’s Office:

    British people’s privacy is being put in danger because organisations are failing to get rudimentary security right, the information commissioner’s office warned on Monday.

    In a review of the breaches reported to the privacy regulator, the ICO uncovered some common basic errors that led to data breaches, including failing to update software and poor password management.

    “It’s the same sort of breaches occurring again and again,” the ICO’s group manager for technology Simon Rice told The Guardian. […]

    The ICO can impose fines up to £500,000 for the most egregious breaches of the Data Protection Act, although that limit is set to increase. The largest fine yet handed out by the ICO was a £325,000 penalty for Brighton and Sussex University Hospitals NHS Trust, after patient data was found on hard drives sold on an online auction site.

    While that is pocket change to those big businesses that have been guilty of letting data slip, the ICO believes that the reputational damage of a breach can cause a substantial amount of financial harm too. […]

    One of the mistakes highlighted in the ICO’s report is failure to keep software up to date, a problem that has become even more urgent since Microsoft stopped supporting its Windows XP operating system in April. Many government departments and bodies, including the NHS, continue to use XP, placing them at greater risk of being hacked.
