ICO Fines Holiday Insurance Firm

ICO Fines Holiday Insurance Firm

posted in Product ● 25 Feb 2015

The ICO has fined a holiday insurance firm £175,000 after it was revealed that IT security failings allowed hackers to gain access to customer credit card details, which were subsequently used to commit fraud.

Upwards of 5,000 customers of the holiday insurance firm became victims of fraud after hackers gained access to their details in the security breach.

Steve Eckersley, Head of Enforcement at the ICO, said:

“It’s unbelievable to think that a company holding three million customer records did not have the procedures in place to keep that information secure. Keeping personal information secure is a basic legal requirement. The company’s actions were unacceptable and this penalty notice reflects the severity of the situation.”

Hackers potentially gained access to over 100,000 usable credit card details as well as highly confidential customer medical details. In addition, customer credit card security numbers, which industry rules dictate must not be stored at all, were also accessible in the breach.

The Data Protection Act stipulates that any organisation that processes personal information must ensure that the personal information is:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to other countries without adequate protection

Redstor’s range of services and solutions help organisations comply with the Data Protection Act. Redstor cloud backup services store customer data in an encrypted format in our UK-only data centres. Our cloud sync and share service, Centrastor, enables organisations to store and share files and sensitive data securely from any device with an internet connection and our Centrastage service enables support providers to guarantee that devices they support are regularly audited, patched and safely up-to-date for effective endpoint management. To find out more about our services and how we can help you comply with data protection laws and prevent data leakage, please contact us either by giving us a call on 01189 515 200 or emailing [email protected].

Rise in laptop sales leads to data protection worries

Reading, 6 April 2020 – An unwelcome repercussion of employees snapping up laptops for home working ahead of the coronavirus lockdown has been an even bigger spike in cyber-criminal activity.

Continue reading

O365 cyber attacks stress need for isolated backup

Reading, 17 December 2019 – Office 365 is a prime target for cyber criminals – and it’s not difficult to understand why when Microsoft announced this year that it has more than 180m active commercial users every month.

Continue reading

Redstor to showcase pioneering data management technology at Infosecurity

Reading, 26 July 2019 – Redstor, the UK-headquartered company disrupting the world of data management, is pushing ahead with aggressive expansion plans in the Netherlands.

Continue reading