The UK Information Commissioner has been notified of almost 100 data breaches by public and private sector organisations since the loss of 25 million people’s details by HM Revenue and Customs last November, according to figures released this week. Half of the 28 private sector security breaches were by financial services companies.
Information that has gone missing includes unencrypted laptops and computer discs, memory sticks and paper records. Information has been stolen, gone missing in the post and whilst in transit with a courier. The material includes a wide range of personal details, including financial and health records.
The ICO is investigating the circumstances of the breaches. The Information Commissioner has now decided to use its enforcement powers to require organisations to make procedural changes to improve data security, such as encryption.