Verity Trustees has had its wrist slapped by the Information Commissioner's Office (ICO) after a laptop was stolen containing data on 110,000 people.
The laptop was taken from the locked server room of Northgate Arinso, which supplies pension management software to Verity.
The laptop held names, addresses, salaries, national insurance numbers and dates of birth of 110,000 people, as well as 18,000 banking details.
The data wasn't supposed to be on the laptop, but had been downloaded for training - contrary to Northgate Arinso's normal policy of using anonymised data of 50 to 100 people.
Mick Gorrill, Assistant Information Commissioner at the ICO, said: "This is a stark reminder of how easy it can be to put so many people's details at risk. Failure to follow security policies and downloading such a vast amount of information has resulted in thousands of individuals' personal details being compromised."
The ICO has made Verity Trustees sign a formal undertaking to improve its data handling. It will be forced to encrypt any portable devices and make anyone processing data sign a written contract.
Gorrill added: "It is encouraging to see that the Trustees have taken remedial steps, including the engagement of a fraud protection service provider to protect the affected individuals. I am also satisfied that the Trustees will now take appropriate steps to ensure individuals' details are protected."
Read on to find out what to do in case of a data breach.
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job lossesNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
New Zealand privacy commissioner tipped to become next ICO headNews John Edwards is said to be an 'anti-Facebook' regulator who would fit well in the UK's plans to clamp down on big tech
-
What is a freedom of information (FOI) request?In-depth We look at the mechanism citizens can use to hold public bodies to account
-
ICO hints at Facebook hypocrisy over data protection goalsNews Elizabeth Denham asks Facebook to drop appeal after CEO's call for greater internet regulation
-
ICO to investigate Google over GDPR violationsNews UK Watchdog to liaise with other European regulators over 'forced consent' push by the tech giant
-
ICO myth-busts on the flow of data post BrexitNews The Information Commissioner explains how data will move between the UK and EU in a no-deal scenario
-
Leave.EU faces big fine over data law breachesNews Information commissioner reveals Leave.EU was fined a total of £75,000 for “serious breaches”
-
ICO website knocked offline for more than 24 hoursNews The outage was caused by an “unprecedented electrical surge” that damaged its host’s circuits
-
Elizabeth Denham appointed ICO bossNews Denham will be tasked with helping the UK leave the EU without any knock-on effects on privacy
