The ICO has fined a holiday insurance firm £175,000 after it was revealed that IT security failings allowed hackers to gain access to customer credit card details, which were subsequently used to commit fraud.
Upwards of 5,000 customers of the holiday insurance firm became victims of fraud after hackers gained access to their details in the security breach.
Steve Eckersley, Head of Enforcement at the ICO, said:
“It’s unbelievable to think that a company holding three million customer records did not have the procedures in place to keep that information secure. Keeping personal information secure is a basic legal requirement. The company’s actions were unacceptable and this penalty notice reflects the severity of the situation.”
Hackers potentially gained access to over 100,000 usable credit card details as well as highly confidential customer medical details. In addition, customer credit card security numbers, which industry rules dictate must not be stored at all, were also accessible in the breach.
The Data Protection Act stipulates that any organisation that processes personal information must ensure that the personal information is:
Fairly and lawfully processed
Processed for limited purposes
Adequate, relevant and not excessive
Accurate and up to date
Not kept for longer than is necessary
Processed in line with your rights
Not transferred to other countries without adequate protection
Redstor’s range of services and solutions help organisations comply with the Data Protection Act. Redstor cloud backup services store customer data in an encrypted format in our UK-only data centres. Our cloud sync and share service, Centrastor, enables organisations to store and share files and sensitive data securely from any device with an internet connection and our Centrastage service enables support providers to guarantee that devices they support are regularly audited, patched and safely up-to-date for effective endpoint management. To find out more about our services and how we can help you comply with data protection laws and prevent data leakage, please contact us either by giving us a call on 01189 515 200 or emailing [email protected].
Redstor was named Hosted Cloud Vendor of the Year at the 2022 Technology Reseller Awards. Andy Kerr, Redstor’s head of marketing in Europe, is pictured receiving the award with colleagues Harpal Chima, Tom Walker, Kim Reddy and Alan Manicom at the London Hilton Bankside Hotel.
Redstor was named Connected Technologies Vendor of the Year at the IT Europa Channel Awards. Gareth Case, Redstor’s Chief Marketing Officer, is pictured receiving the award with Brian Evans, Adele Quinn and Lara Sibley at the Royal Lancaster Hotel, London.