Greater Manchester Police pays £120k fine for data breach


Greater Manchester Police has paid a 120,000 fine for a data breach after the Information Commissioner's Officer (ICO) found that sensitive data had been compromised.

The breach occurred when a memory stick containing the details of a thousand people with links to serious crimes was stolen from an officer's home. The memory stick was unencrypted and had no password protection.

The ICO investigation also found that the police force has not been properly trained in data protection. A number of police officers in the force regularly use unencrypted memory sticks, to copy data from police computers, the watchdog said.

The consequences of this type of breach really do send a shiver down the spine.

"This was truly sensitive personal data, left in the hands of a burglar by poor data security," said David Smith, the director of data protection at the ICO.

"It should have been obvious to the force that the type of information stored on its computers meant proper data security was needed. Instead, it has taken a serious data breach to prompt it into action."

The ICO implemented a fine of 150,000 to the force. However, Greater Manchester Police ended up paying 120,000 as it took advantage of the 20 per cent early payment discount.

"We hope it will discourage others from making the same data protection mistakes," Smith added.

"This is a substantial monetary penalty, reflecting the significant failings the force demonstrated."