14 DAY TRIAL // The HMRC data loss is surely a case which should be mentioned in the IT security books because at that time, there were no less than 25 million victims who saw their details lost in the unknown. However, it's sad to see more and more similar cases although the HMRC case obviously underlined the need for more and better security measures, the ICO officials mentioned in a press release published today. According to the report, there were no less than 100 data breaches reported since the HMRC data loss in November 2007.
And what's worse isn't the number of the breaches, but the fact that of the total number of the ones reported by private organizations, no less than 50 percent affected financial institutions. This means that information such as bank accounts and credit card numbers may fall in criminal hands as easy as you would say "security".
"It is particularly disappointing that the HMRC breaches have not prevented other unacceptable security breaches from occurring. The government, banks and other organizations need to regain the public's trust by being far more careful with people's personal information. Once again I urge business and public sector leaders to make data protection a priority in their organization," Richard Thomas, Information Commissioner, commented.
According to the same report, most security breaches occurred due to unencrypted laptops which got stolen, memory sticks or computer discs which were sent from a department to another, just like in the HRMC data loss.
"The level of understanding about data protection and the need to safeguard people's personal information have no doubt increased and I am encouraged that more Chief Executives and Permanent Secretaries appear to be taking data protection more seriously, but the evidence shows that more must be done to eradicate inexcusable security breaches."