ICO News, Articles and Updates

Homes and Communities Agency breach reported to ICO

Ahead of GDPR, even minor breaches are now being reported, with the UK government agency, the Homes and Communities agency, notifying the ICO of a limited breach of its information security policy on Monday 9 October.

Poor staff monitoring sees £100k fine for TalkTalk 21,000 record breach

The Information Commissioner's Office (ICO) fined TalkTalk Telecom Group PLC £100,000 because it did not have appropriate technical or organisational measures in place to keep personal data secure.

ICO fines grocers Morrisons for sending unwanted emails to customers

The Information Commissioner's Office (ICO) has run an investigation and concluded that Morrisons intentionally sent thousands of marketing emails to its card members.

Why the UK needs to adopt US healthcare approaches to information security sharing

The UK Government wants more robust protections in place to defend NHS patient data. US-style stakeholder collaboration could be even more effective in protecting patient data, says Jamie Stone.

The role of the ICO in the GDPR

Norman Shaw looks at what the latest reports are signalling about the state of readiness for the GDPR, and the role of the ICO.

UK Information Commissioner makes consumer privacy "top priority"

In a speech at the ICO's annual Data Protection Practitioners Conference in Manchester, the information commissioner said GDPR is bringing about a major culture change, and companies should strive to make the handling of customer data a top priority.

Charities get hefty ICO fine, Charity Commission says all is now kosher

Following on from the ICO issuing fines to the RSPCA and British Heart Foundation for misuse of donor data, the Charity Commission has now investigated and assured that both charities are no longer using the same fundraising practices.

Accidental data leakage would be thing of the past with BS 10010

Consultation opens on BS 10010 which seeks to bring government-style information classification schemes to public organisations and end inadvertent data leakage.

ICO deals finance firm fine, as ICO fine total mounts up

A finance firm based in London has been fined £70,000 by the Information Commissioner's Office, in retaliation for its contracted marketing firm sending out some 2.2 million unsolicited SMS messages. The fine comes as the ICO's total bill of outstanding fines mounts up, due to companies going into liquidation rather than paying them.

UK ICO recommends company directors have personal liability for data breaches

The UK's Information Commissioner has given recommendations to a House of Commons Committee detailing why (amongst other things), company directors should be held personally accountable for breach of data protection laws.

UK businesses confused over GDPR and Brexit

The Deputy Information Commissioner, Steve Wood says that UK businesses are caught in a confusing place, between looming EU regulation and Brexit

ICYMI: NCSC, FSB, ATM malware, D-link routers and the ICO

This week: the NCSC, Russian intelligence to decrypt internet traffic, (ba)d-link routers, ICO urges action on GDPR, and ATM malware gang member.

ICO fines TalkTalk £400K for theft of customer data last year

Due to its poor data security, which led to the theft of the personal data of over 150,000 customers last year, TalkTalk has been fined £400,000 by the Information Commissioner's Office (ICO).

Protecting your records ahead of GDPR

Gavin Siggers explores six key steps to getting GDPR-ready to help businesses understand the impact of the GDPR on their information management processes.

ICO receives 88% rise in reported security breaches from 2015 to 2016

The number of security breaches reported by organisations to the Information Commissioner's Office (ICO) rose from 1,089 in 2015 to 2,048 this year during a similar period, reflecting an 88 percent increase.

Sage suffers data breach from insider

Software company Sage has reportedly suffered a data breach orchestrated by an insider of the company. The police are investigating and the ICO has been informed.

Health sector tops breach list, says Information Commissioner

The healthcare sector has once again won the dubious distinction of the leakiest industry as the Information Commissioner's Office releases data covering breaches reported in the final quarter of 2015.

Commons committee lambasts ICO for lack of TalkTalk report

The Culture, Media and Sport Committee report on cyber-security opened with criticism of the ICO and then moved on to recommendations for escalating the visibility of cyber-security within organisations.

Email error leaks hundreds of Northern Ireland prison officer details

An email error made in Northern Ireland has accidentally leaked the personal details of hundreds of prison officers working in the country to an outside contractor.

CPS working on new system to curb data losses

A report from two watchdogs has found that due to data being shared on computer discs, police and prosecutors are losing sensitive case information, but the CPS is promising a new system.

New ICO tool will help SMEs comply with Data Protection Act

A new free service from the Information Commissioner's Office (ICO) has been put together to assess how well SMEs look after personal data.

ICO hands out highest fine ever for over 46M unwanted cold calls

A spam operation that bombarded the public with nuisance calls has been hit with a £350,000 fine by data privacy watchdogs.

Greenwich University hit by data breach

Students have discovered their personal information could be found online via a Google search, landing Greenwich University in hot water with the Information Commissioner's Office.

UK privacy watchdog warns consumers that shops can track them

The UK's privacy watchdog warns that facial recognition software and handset identifiers broadcasted via Wi-Fi are allowing UK retailers to track and target their customers through their smartphones.

ICO demands Google take down links under 'right to be forgotten'

The Information Commissioner's Office ordered Google to remove links to webpages detailing a minor crime and the company's prior removal of links related to the offence.

Updated: 2.4 million hit by Carphone Warehouse breach

Personal details of up to 2.4 million customers of Carphone Warehouse - including encrypted credit card details - have been reported stolen, with the ICO now investigating.

Information Commissioner report reveals need for greater action

If the Information Commissioner's Office is to be more aggressive regarding data breaches, it will need more investment.