ICO: Number of data security breaches is 'horrifying'

The Information Commissioner, Richard Thomas, has slammed the UK’s chief executives for failing to protect the personal data of their employees and customers and called for them to take the issue more seriously.

The warning comes in the Information Commissioner’s Office (ICO) annual report, released today. He said privacy of personal information should be given more priority in company boardrooms across the UK.

The privacy watchdog warned that organisations failing to process personal details in line with the principles of the Data Protection Act not only face enforcement action and heavy penalties from the ICO, but also risk losing the trust of their customers.

“The roll call of banks, retailers, government departments, public bodies and other organisations that have admitted serious security lapses is frankly horrifying,” Thomas said.

In the past year, the ICO received almost 24,000 complaints concerning the handling of personal information. High-street giants Orange and Littlewoods were named and shamed by the watchdog for their negligent management of customer information.

In March, the Information Commissioner took the unprecedented step to publicly condemn a dozen of the UK’s leading banks, including Barclays, NatWest and HBOS, for dumping sensitive personal data in rubbish bins outside their premises.

The Foreign and Commonwealth Office was also reported to the ICO after problems with its online visa application system allowed users to access other people’s details.

What’s more, the privacy watchdog is currently finalising its decision regarding the TJX security breach. Criminal hackers stole more than 45 million credit card records from the US company, which owns TJ Maxx, and the UK outlet TK Maxx.

“Over the past year we have seen far too many careless and inexcusable breaches of people’s personal information,” Thomas said.