ICO News, Articles and Updates

Gwent Police sat on data breach exposure for a year before informing ICO

Gwent Police failed to inform up to 450 people that hackers may have accessed their confidential information after it found that an online tool that allowed citizens to report incidents to the Police was exposed to hackers.

SC Congress 2018 Security best practices needed to stay in line with GDPR

It's not enough to do the minimum necessary now with enforcement of new rules less than 100 days away.With GDPR coming into force less than 100 days, organisations need to make sure they are using best practices for security now.

BeeToken customers duped out of £700,000 worth of Ethereum in phishing scam

BeeToken customers were duped out of more than US$1 million (£700,000) worth of Ethereum in a phishing scam targeting BeeToken's initial coin offering (ICO) in a scam similar to the one that targeted Experty earlier this week.

Hack of initial coin offerings leads to loss of millions in cryptocurrency

Initial coin offerings (ICO) are losing about 10 percent of all ICO funds generated to cyber-attack due to poor cyber-security as malicious actors take advantage of the absence of a centralised authority.

Homes and Communities Agency breach reported to ICO

Ahead of GDPR, even minor breaches are now being reported, with the UK government agency, the Homes and Communities agency, notifying the ICO of a limited breach of its information security policy on Monday 9 October.

Poor staff monitoring sees £100k fine for TalkTalk 21,000 record breach

The Information Commissioner's Office (ICO) fined TalkTalk Telecom Group PLC £100,000 because it did not have appropriate technical or organisational measures in place to keep personal data secure.

ICO fines grocers Morrisons for sending unwanted emails to customers

The Information Commissioner's Office (ICO) has run an investigation and concluded that Morrisons intentionally sent thousands of marketing emails to its card members.

Why the UK needs to adopt US healthcare approaches to information security sharing

The UK Government wants more robust protections in place to defend NHS patient data. US-style stakeholder collaboration could be even more effective in protecting patient data, says Jamie Stone.

The role of the ICO in the GDPR

Norman Shaw looks at what the latest reports are signalling about the state of readiness for the GDPR, and the role of the ICO.

UK Information Commissioner makes consumer privacy "top priority"

In a speech at the ICO's annual Data Protection Practitioners Conference in Manchester, the information commissioner said GDPR is bringing about a major culture change, and companies should strive to make the handling of customer data a top priority.

Charities get hefty ICO fine, Charity Commission says all is now kosher

Following on from the ICO issuing fines to the RSPCA and British Heart Foundation for misuse of donor data, the Charity Commission has now investigated and assured that both charities are no longer using the same fundraising practices.

Accidental data leakage would be thing of the past with BS 10010

Consultation opens on BS 10010 which seeks to bring government-style information classification schemes to public organisations and end inadvertent data leakage.

ICO deals finance firm fine, as ICO fine total mounts up

A finance firm based in London has been fined £70,000 by the Information Commissioner's Office, in retaliation for its contracted marketing firm sending out some 2.2 million unsolicited SMS messages. The fine comes as the ICO's total bill of outstanding fines mounts up, due to companies going into liquidation rather than paying them.

UK ICO recommends company directors have personal liability for data breaches

The UK's Information Commissioner has given recommendations to a House of Commons Committee detailing why (amongst other things), company directors should be held personally accountable for breach of data protection laws.

UK businesses confused over GDPR and Brexit

The Deputy Information Commissioner, Steve Wood says that UK businesses are caught in a confusing place, between looming EU regulation and Brexit

ICYMI: NCSC, FSB, ATM malware, D-link routers and the ICO

This week: the NCSC, Russian intelligence to decrypt internet traffic, (ba)d-link routers, ICO urges action on GDPR, and ATM malware gang member.

ICO fines TalkTalk £400K for theft of customer data last year

Due to its poor data security, which led to the theft of the personal data of over 150,000 customers last year, TalkTalk has been fined £400,000 by the Information Commissioner's Office (ICO).

Protecting your records ahead of GDPR

Gavin Siggers explores six key steps to getting GDPR-ready to help businesses understand the impact of the GDPR on their information management processes.

ICO receives 88% rise in reported security breaches from 2015 to 2016

The number of security breaches reported by organisations to the Information Commissioner's Office (ICO) rose from 1,089 in 2015 to 2,048 this year during a similar period, reflecting an 88 percent increase.

Sage suffers data breach from insider

Software company Sage has reportedly suffered a data breach orchestrated by an insider of the company. The police are investigating and the ICO has been informed.

Health sector tops breach list, says Information Commissioner

The healthcare sector has once again won the dubious distinction of the leakiest industry as the Information Commissioner's Office releases data covering breaches reported in the final quarter of 2015.

Commons committee lambasts ICO for lack of TalkTalk report

The Culture, Media and Sport Committee report on cyber-security opened with criticism of the ICO and then moved on to recommendations for escalating the visibility of cyber-security within organisations.

Email error leaks hundreds of Northern Ireland prison officer details

An email error made in Northern Ireland has accidentally leaked the personal details of hundreds of prison officers working in the country to an outside contractor.

CPS working on new system to curb data losses

A report from two watchdogs has found that due to data being shared on computer discs, police and prosecutors are losing sensitive case information, but the CPS is promising a new system.

New ICO tool will help SMEs comply with Data Protection Act

A new free service from the Information Commissioner's Office (ICO) has been put together to assess how well SMEs look after personal data.

ICO hands out highest fine ever for over 46M unwanted cold calls

A spam operation that bombarded the public with nuisance calls has been hit with a £350,000 fine by data privacy watchdogs.

Greenwich University hit by data breach

Students have discovered their personal information could be found online via a Google search, landing Greenwich University in hot water with the Information Commissioner's Office.

UK privacy watchdog warns consumers that shops can track them

The UK's privacy watchdog warns that facial recognition software and handset identifiers broadcasted via Wi-Fi are allowing UK retailers to track and target their customers through their smartphones.