Following the identification that 2 unencrypted laptops had been stolen from Glasgow City Council, it was discovered that a further 74 laptops could not be accounted for.
The Information Commissioner’s Office fined Glasgow City Council £150,000 for a serious breach of the Data Protection Act after the theft and subsequent investigation for what it described a serious breach of security. It is believed that at least one of the laptops contained the council’s creditor payment history files, which included the personal details of more than 20,000 people and 6,069 bank accounts.
The authority, which had already been disciplined by the ICO a year ago for its loss of a memory stick, said it had not been able to encrypt the data because it had been “experiencing software problems.”
The ICO’s assistant commissioner for Scotland, Ken Macdonald, was understandably outraged by this latest breach of security by Glasgow City Council and pulled no punches with his criticism of the authority; “How an organisation can fail to notice that 74 unencrypted laptops have gone missing beggars belief,” he said. “The fact that these laptops have never been recovered, and no record was made of the information stored on them, means that we will probably never know the true extent of this breach, or how many people’s details have been compromised.”
Regency IT Consulting has a wealth of experience in assisting both Central Government Agencies and Industry in protecting their IT systems. If you have concerns regarding the security of your IT systems, then why not get in touch and see what we can do to assist you in protecting your systems.