14 DAY TRIAL // Last week, the United Kingdom’s Information Commissioner’s Office released the data breach statistics for the April 1 – June 30, 2013 period.
The report shows that in most cases (175), organizations exposed sensitive information in error.
“That covers everything from emails being sent to the wrong people to information erroneously included in freedom of information responses, but invariably they can be described as careless,” Sally-Anne Poole, enforcement group manager at ICO’s Civil Investigations explained.
A perfect example is the recent case of the Bank of Scotland, which has been fined for sending faxes to the wrong people on several occasions.
Other common types of incidents involve lost or stolen paperwork (42), lost or stolen hardware (29), and technical security issues (27).
The two top sectors that have reported the most incidents to the ICO in this period are health and local government. However, the agency notes that these two sectors are always likely to be near the top of the chart because both have their own rules that force them to self-report any potential data breaches.