Hundreds of Bank Account Details Left In London Pub 92
twoheadedboy writes "Another day, yet another data security failure. Two companies have been found in breach of the Data Protection Act after tens of thousands of tenants' details were left at a London pub, alongside 800 records with bank account details. A contractor who had stored data from two different companies on an unencrypted USB drive was responsible. We've all lost things on a night out, but rarely is it other people's banking information. The two firms involved have been told to get a grip on their security procedures, but they escaped a fine from the ICO."
more details (Score:5, Informative)
the BBC article has some more depth [bbc.co.uk] (and the site is _much_ faster...). the most interesting sentence is "The memory stick was handed into the police on the weekend of the 5th March and safely retrieved." (emphasis added)
why took it 5 months to disclose the data breach?
Re:Why didnt they get a fine? (Score:5, Informative)
The article says "The ICO will only enforce a monetary penalty when it believes there has been noticeable damage to affected parties."
The ICO is useless (Score:5, Informative)
...the ICO acts on just 1.4% of data breaches and only fines 0.15% of offenders.
http://www.techwatch.co.uk/2011/04/22/ico-penalises-less-than-1-of-security-breaches/ [techwatch.co.uk]