News

ICO Fines Holiday Insurance Firm

Wed, 25/02/2015 - 14:36
Cloud Services

The ICO has fined a holiday insurance firm £175,000 after it was revealed that IT security failings allowed hackers to gain access to customer credit card details, which were subsequently used to commit fraud.

Upwards of 5,000 customers of the holiday insurance firm became victims of fraud after hackers gained access to their details in the security breach.

Steve Eckersley, Head of Enforcement at the ICO, said:

"It's unbelievable to think that a company holding three million customer records did not have the procedures in place to keep that information secure. Keeping personal information secure is a basic legal requirement. The company's actions were unacceptable and this penalty notice reflects the severity of the situation."

Hackers potentially gained access to over 100,000 usable credit card details as well as highly confidential customer medical details. In addition, customer credit card security numbers, which industry rules dictate must not be stored at all, were also accessible in the breach.

The Data Protection Act stipulates that any organisation that processes personal information must ensure that the personal information is:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to other countries without adequate protection

Redstor's range of services and solutions help organisations comply with the Data Protection Act. Redstor cloud backup services store customer data in an encrypted format in our UK-only data centres. Our cloud sync and share service, Centrastor, enables organisations to store and share files and sensitive data securely from any device with an internet connection and our Centrastage service enables support providers to guarantee that devices they support are regularly audited, patched and safely up-to-date for effective endpoint management. To find out more about our services and how we can help you comply with data protection laws and prevent data leakage, please contact us either by giving us a call on 01189 515 200 or emailing [email protected].

Recent Articles

Redstor_GDPR_Arrival_blog Data Management

G-day Is Here!

The wait is over. The period for becoming compliant has finished and the General Data Protection Regulation (GDPR) is now in full effect.... read more

May 24, 2018
Redstor_Cloud_data_blog Online Backup

Is Your Cloud Data As Safe As You Think?

Cloud technology is fast becoming a stable in the IT strategies of all modern businesses. Well-known benefits like flexible and rapid deployment help... read more

May 22, 2018
Redstor_Wannacry_blog Ransomware

WannaCry A Year On

Ransomware attacks took up many headlines throughout 2016 and 2017 as their quantity and effect became widespread, costing organisations and... read more

May 16, 2018