The number of data breaches reported to the Information Commissioner's Office involving personal information has surpassed the 1,000 mark.
The NHS reported the highest number of breaches with 305 of the overall figure of 1,007. The private sector was the second worst offender, accounting for 288, while local government was in third with 132.
In 307 of the 1,007 cases, breaches occurred because either data or hardware had been stolen. Losing data or hardware was also a key factor, accounting for 233 of all breaches.
"We all know that mistakes can happen but the fact is that human error is behind a high proportion of security breaches that have been reported to us," said deputy commissioner David Smith in a statement.
"Extra vigilance is required so that people's personal information does not end up in the wrong hands. Organisations should have clear security and disclosure procedures that staff can understand, properly implement these and ensure that they are being followed by staff. Staff must be adequately trained not just in the value of personal information, but in how to protect it," Smith added.
He stressed that the ICO is "keen to work with organisations to prevent breaches happening in the first place and to help ensure that things are put right when they do go wrong".
Outside of IT intrusions, it appears the ICO will be working with the Office of Fair Trading on regulation of online behavioral advertising.
-
Windows 10: Six essential steps IT teams should take over the next two monthsIndustry Insights With Windows 10 support ending soon, IT leaders must act now to mitigate risk
-
New chapter, same partners: Keeping the channel aligned with changeIndustry Insights How to maintain strong channel partnerships amid evolving strategies and market change
-
23andMe 'failed to take basic steps' to safeguard customer dataNews The ICO has strong criticism for the way the genetic testing company responded to a 2023 breach.
-
Two more NHS Trusts have been hit with cyber attacks – here’s what we know so farNews A flaw in a third-party device management tool appears to be the source of the incident
-
NHS England launches cyber charter to shore up vendor security practices
News Voluntary charter follows a series of high-profile ransomware attacks
-
NHS supplier hit with £3m fine for security failings that led to attack
News Advanced Computer Software Group lacked MFA, comprehensive vulnerability scanning and proper patch management
-
Cyber attack delayed cancer treatment at NHS hospital
News A cyber attack at Wirral University Teaching Hospital in 2024 delayed critical cancer treatment for patients, documents show.
-
Alder Hey Children’s Hospital confirms hackers gained access to patient data through digital gateway serviceNews Europe’s busiest children’s hospital confirmed attackers were able to steal data from a compromised digital gateway service
-
Major incident declared as Merseyside hospitals hit by cyber attackNews The incident, which has led to cancelled appointments, is just the latest in a series of attacks on healthcare organizations
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
