1

The UK Information Commissioner's Office (ICO) has slapped the Greater Manchester Police force with a £150,000 fine (reduced to £120,000 for early payment) after a memory stick containing sensitive data about serious crimes was stolen from the home of a police officer.

dweb-police The ICO has the power to levy such fines if an investigation determines that sensitive data has been put at risk courtesy of a lack of proper data protection being in place. In this particular case it must have been a very quick investigation, filed under the no-brainer category, seeing as the data was being stored on a memory stick which the officer had seen fit to take home with him. A memory stick which required no password in order to access the information held upon it. Information that was stored without any encryption being applied. Information which included details concerning in excess of a thousand people with links to 'serious crime investigations' apparently.

The breach occurred when a burglar broke into the home of the officer and the memory stick was amongst the items stolen during that robbery. According to the ICO, Greater Manchester Police officers regularly used such unencrypted memory sticks. This despite a very similar breach having taken place in 2010, the lessons from which were obviously not learned and which led the ICO to conclude that the police force was not properly trained with regards to data protection matters.

ICO Director of Data Protection, David Smith, insists that it should have "been obvious to the force that the type of information stored on its computers meant proper data security was needed" and that the consequences of such a breach leaving this information in the hands of a burglar sends "a shiver down the spine".

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

3
Contributors
2
Replies
9
Views
5 Years
Discussion Span
Last Post by LastMitch
0

The UK Information Commissioner's Office (ICO) has slapped the Greater Manchester Police force with a £150,000 fine (reduced to £120,000 for early payment) after a memory stick containing sensitive data about serious crimes was stolen from the home of a police officer.

This is an sad article. I think the police officer didn't follow protocol. All sensitive data should be kept at the station or office not at their home. This is really serious why did the police officer brought home that stick in the first place. This is a hard lesson to be learn.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.