Scottish council rapped for data breach blunder

Data is mistakenly placed online for over a month before the council discovers the error.

Data security

Dumfries and Galloway Council has been caught out by the Information Commissioner's Office (ICO) after details of 900 people were accidentally placed online.

Names, salaries and dates of birth of nearly 900 current and former employees of the council were mistakenly placed on its website as part of a Freedom of Information request response.

The data was open to anyone who visited the site between 23 March and 1 June 2011.

Procedures clearly went wrong in this case...

The information was only removed after affected individuals and a trade union put in complaints.

"Being open about council pay is a fundamental way that citizens can hold local authorities to account, but that should never be at the expense of upholding individuals' privacy rights," said Ken Macdonald, assistant commissioner for Scotland at the ICO.

"Procedures clearly went wrong in this case and I'm pleased that the council is reviewing its practices in light of the lessons that have been learned."

No fine was handed out, but the council agreed to carry out an audit of its data protection practices and improve on them.

The ICO has steered clear of issuing any fines of late, even in light of a slew of serious data breaches.

Earlier this month, it emerged East Surrey Hospital lost medical data of 800 patients in late 2010, marking another low point in the life of NHS information security.

Later in October, two educational institutions were caught breaking the Data Protection Act after failing to protect laptops that were later stolen.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19
Security

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19

24 Nov 2020
350,000 Spotify users hacked in credential stuffing attack
Security

350,000 Spotify users hacked in credential stuffing attack

24 Nov 2020
WAPDropper malware hooks you up to premium telecoms services
Security

WAPDropper malware hooks you up to premium telecoms services

24 Nov 2020
VMware sounds alarm over zero-day flaws in multiple products
Security

VMware sounds alarm over zero-day flaws in multiple products

24 Nov 2020

Most Popular

macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020
How computing has revolutionised Formula 1
Sponsored

How computing has revolutionised Formula 1

11 Nov 2020