In-depth

Lessons to learn from a year of data breaches

In the year since the HMRC data breach, many more have been made public – here’s a roundup of 11 lessons (we should have) learned.

It was the data breach that kicked it all off a year ago this week, the government admitted HM Revenue and Customs had lost two discs containing records on 20 million people.

The tax body had dumped data on a third of the population including children onto a pair of unencrypted discs and sent them off with a courier, not once, but twice.

Advertisement - Article continues below

In the uproar that followed, more and more stories about data breaches in the public and private sector began to be noticed and reported. Indeed, since the mess at HMRC, some 277 such mishaps have been reported to data watchdogs at the Information Commissioner's Office (ICO). Lost USB drives, stolen laptops and even papers left on a train have left millions of people in this country open to identity theft and fraud not to mention, a bit pissed off.

The government responded with amusingly ignorant debates in Parliament and massive reports two were released in one day offering reams of advice on how to avoid another HMRC.

But it's not exactly rocket science, now is it? In case you haven't been paying attention, we've gathered up the top 10 lessons to be learned from this year of data breaches.

Advertisement
Advertisement - Article continues below

Lesson One: The public wants to know about data breachesIt's no surprise newspapers jumped all over the HMRC incident. Uncovering a massive government error, caused by funding cuts and incompetence, is the stuff of happy dreams for journalists trust us on this one.

Advertisement - Article continues below

The tale of millions of records including banking details going missing because of such complete and utter foolishness didn't sit well with the public at all. And it shouldn't. Everyone affected faces identity theft and fraud because of incidents like this one; phishing attacks based on the HMRC debacle have already occurred, and those didn't even require the discs to fall into the hands of criminals.

So HMRC became a watershed. The odd big data breach was covered by the press before last November, but usually only if the story was connected to a large fine. Now, every lost laptop or misplaced memory stick was cause for a headline and outrage. The public you, me and everyone else had learned that poor data management could hurt them.

Unsurprisingly then, people have started calling for data breach notification laws. Companies are not legally required to tell their customers and citizens when data goes missing, but surveys have suggested the general public want such legislation, even if IT directors aren't so enthusiastic. Lesson Two: People can be sackedIt's something many people have called for over the past year someone to be held responsible for data losses. While the head of HMRC Paul Gray did step down after the breach, it was also for overall organizational concerns, which were certainly highlighted by the breach, but not the only symptom of troubles at the tax body.

But since then, laptops and USBs and discs have disappeared, and no one has been publicly sacked except in one case, involving Colchester Hospital.

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement
Advertisement

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
How do I fix the Windows 10 Start Menu if it's frozen?
operating systems

How do I fix the Windows 10 Start Menu if it's frozen?

3 Aug 2020