ICO: 94 data breaches in six months

gallery

Almost a hundred data breaches have been reported to the Information Commissioner's Office (ICO) in the six months since the HM Revenue and Customs breach.

Of the 94 reported cases, 62 were from the public sector, 28 were private sector and four were in the voluntary sector.

Half of the reported breaches were by financial institutions. A third of those reported to the data watchdog by public organisations happened in central government. A fifth of public data breaches were by NHS organisations, the ICO said.

Richard Thomas, the Information Commissioner, said: "It is particularly disappointing that the HMRC breaches have not prevented other unacceptable security breaches from occurring. The government, banks and other organisations need to regain the public's trust by being far more careful with people's personal information."

The cases referred to the ICO include missing and unencrypted laptops and memory sticks as well paper records. Some of it was stolen. In other cases - such as HMRC - data went missing in the post.

Thomas urged businesses and public organisations to make data protection a priority. "The level of understanding about data protection and the need to safeguard people's personal information have no doubt increased and I am encouraged that more chief executives and permanent secretaries appear to be taking data protection more seriously. But the evidence shows that more must be done to eradicate inexcusable security breaches," he said in a statement.

The ICO said it is investigating all the reported breaches and has told organisations to make procedural changes - such as making data encryption mandatory - in 16 cases so far. In three cases, the missing data was recovered.

For details on some of the publicly-announced breaches, see IT PRO's data breach timeline.

Email to a friend

Print this page