Greater Manchester Police pays £120k fine for data breach
Unencrypted memory stick containing the details of thousand people linked to serious crimes stolen from officer's home.

Greater Manchester Police has paid a 120,000 fine for a data breach after the Information Commissioner's Officer (ICO) found that sensitive data had been compromised.
The breach occurred when a memory stick containing the details of a thousand people with links to serious crimes was stolen from an officer's home. The memory stick was unencrypted and had no password protection.
The ICO investigation also found that the police force has not been properly trained in data protection. A number of police officers in the force regularly use unencrypted memory sticks, to copy data from police computers, the watchdog said.
The consequences of this type of breach really do send a shiver down the spine.
"This was truly sensitive personal data, left in the hands of a burglar by poor data security," said David Smith, the director of data protection at the ICO.
"It should have been obvious to the force that the type of information stored on its computers meant proper data security was needed. Instead, it has taken a serious data breach to prompt it into action."
The ICO implemented a fine of 150,000 to the force. However, Greater Manchester Police ended up paying 120,000 as it took advantage of the 20 per cent early payment discount.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"We hope it will discourage others from making the same data protection mistakes," Smith added.
"This is a substantial monetary penalty, reflecting the significant failings the force demonstrated."
-
Blackouts in Spain and Portugal could be a cyber attack
Both countries are "paralyzed" by nationwide power outages
By Jane McCallion
-
Cisco takes aim at AI security at RSAC with ServiceNow partnership
News The companies claim Cisco AI Defense and ServiceNow SecOps will help address new challenges raised by AI
By Jane McCallion
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuse
News The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
By Emma Woollacott
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victims
News Companies need to treat victims with swift, practical action, according to the ICO
By Emma Woollacott
-
LinkedIn backtracks on AI training rules after user backlash
News UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
By Emma Woollacott
-
UK's data protection watchdog deepens cooperation with National Crime Agency
News The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
By Emma Woollacott
-
ICO slams Electoral Commission over security failures
News The Electoral Commission has been reprimanded for poor security practices, including a failure to install security updates and weak password policies
By Emma Woollacott
-
Disgruntled ex-employees are using ‘weaponized’ data subject access requests to pester firms
News Some disgruntled staff are using DSARs as a means to pressure former employers into a financial settlement
By Emma Woollacott
-
ICO reprimands Coventry school over repeated data protection failures
News The ICO said the academy trust failed to follow previous guidance, which caused a serious data breach
By Emma Woollacott
-
ICO dishes out fine to HelloFresh for marketing spam campaign
News HelloFresh failed to offer proper opt-outs, the ICO said, and customers weren’t warned their data would be used for months after they cancelled
By Emma Woollacott