Local authorities stung by hundreds of data breaches, reveals FoI

Cyber crime cripples councils as ICO urges caution over large data loss penalties

More than half of councils have suffered a data breach in the last two years, a Freedom of Information (FoI) request has revealed.

Of all 433 local authorities sent a request, 55 per cent admitted they have fallen victim to breaches of Official' level data, while many do not actually know how sensitive their data is.

Infrastructure provider Six Degrees Group's FoI found that 60 per cent of councils do not know how much Official-rated data they hold, or where it is.

One authority was hit by a whopping 213 data breaches over the last 24 months, though 34 per cent survived the entire period unscathed by any such cyber attack.

Two-thirds could not say how much of their data was sensitive, and many were unable to rate their data based on the government's security classifications.

Whitehall switched from an impact level rating to rate data either Top Secret' Secret' or Official' last year.

"This insight reveals a huge gap in approach within local authorities across the UK, with a worrying majority lagging in their understanding of the actual position they are in regarding data security," said Campbell Williams, group strategy director at Six Degrees Group.

"Breaches are commonplace - and what is equally as worrying is the serious lack of insight they have into their own situation," he added.

The news comes after the Information Commissioner's Office (ICO) called for a more "practical" approach to data protection regulation earlier this week.

It suggested it would not hand out huge fines, even though the much-debated EU Data Protection Regulation proposals could introduce a maximum penalty of five per cent of an organisation's annual turnover.

"It would be a mistake to believe that data protection authorities will be issuing huge fines left right and centre," said information commissioner Christopher Graham.

He pointed to a 250,000 fine his body issued against Sony in 2013 for a vast loss of customer data, saying a larger fine would be harder to levy.

"They're much more likely to fight us over 2% or 5% of that [turnover] figure than the 250,000 fine we imposed," he said.

Featured Resources

Unleashing the power of AI initiatives with the right infrastructure

What key infrastructure requirements are needed to implement AI effectively?

Download now

Achieve today. Plan tomorrow. Making the hybrid multi-cloud journey

A Veritas webinar on implementing a hybrid multi-cloud strategy

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

The workers' experience report

How technology can spark motivation, enhance productivity and strengthen security

Download now

Recommended

Misconfigured Git servers lead to Nissan data leak
hacking

Misconfigured Git servers lead to Nissan data leak

7 Jan 2021
BackupAssist teams with Wasabi to offer cheaper backup for businesses
backup

BackupAssist teams with Wasabi to offer cheaper backup for businesses

6 Jan 2021
Data: A resource much too valuable to leave unprotected
Whitepaper

Data: A resource much too valuable to leave unprotected

2 Dec 2020
Webhose and Signal Corp boost data breach detection
Security

Webhose and Signal Corp boost data breach detection

7 Oct 2020

Most Popular

WhatsApp could face €50 million GDPR fine
General Data Protection Regulation (GDPR)

WhatsApp could face €50 million GDPR fine

25 Jan 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

12 Jan 2021