Virgin Media criticised after data breach of potential customers
Virgin Media has been ordered to encrypt all portable media following the loss of the details of 3000 people.
According to the Information Commissioner's Office, the individuals' data went missing after an unencrypted CD was lost by Virgin Media. The individuals were not Virgin staff or customers, but potential customers who had expressed interest in signing up to Virgin Media services. Details included names and addresses, and in some cases bank details.
The Information Commissioner's Office has deemed the loss as a breach of the Data Protection Act and it has now ordered Virgin Media to ensure all portable media that it uses to move data is encrypted. Any company Virgin Media uses for data processing also has to use encryption software.
A spokesman for Virgin Media said the telco had a policy in place to use encryption before the breach and the lost data had occurred as a result of ‘human error', with one staff member burning information to a CD outside the company's guidelines.
The spokesperson said: “When we found out we contacted everyone on the list and offered them credit protection to ensure they weren't at risk.” He added that staff training on data handling has also been stepped up.