News

ICO Fines Holiday Insurance Firm

Wed, 02/25/2015 - 14:36
Cloud Services

The ICO has fined a holiday insurance firm £175,000 after it was revealed that IT security failings allowed hackers to gain access to customer credit card details, which were subsequently used to commit fraud.

Upwards of 5,000 customers of the holiday insurance firm became victims of fraud after hackers gained access to their details in the security breach.

Steve Eckersley, Head of Enforcement at the ICO, said:

"It's unbelievable to think that a company holding three million customer records did not have the procedures in place to keep that information secure. Keeping personal information secure is a basic legal requirement. The company's actions were unacceptable and this penalty notice reflects the severity of the situation."

Hackers potentially gained access to over 100,000 usable credit card details as well as highly confidential customer medical details. In addition, customer credit card security numbers, which industry rules dictate must not be stored at all, were also accessible in the breach.

The Data Protection Act stipulates that any organisation that processes personal information must ensure that the personal information is:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to other countries without adequate protection

Redstor's range of services and solutions help organisations comply with the Data Protection Act. Redstor cloud backup services store customer data in an encrypted format in our UK-only data centres. Our cloud sync and share service, Centrastor, enables organisations to store and share files and sensitive data securely from any device with an internet connection and our Centrastage service enables support providers to guarantee that devices they support are regularly audited, patched and safely up-to-date for effective endpoint management. To find out more about our services and how we can help you comply with data protection laws and prevent data leakage, please contact us either by giving us a call on 01189 515 200 or emailing [email protected].

Recent Articles

Redstor_CryptoJacking_blog Data Protection

Crypto-jacker Leaves ICO In Its Wake

Cyber-attacks and ‘hacks’ made regular headlines throughout 2017, and in the UK the Information Commissioner’s Office (ICO), was there to oversee all... read more

February 15, 2018
Redstor_100Days_to_GDPR Data Protection

100 Days To Go…

Wednesday 14th February 2018, valentine’s day, but more significantly it’s 100 days until G-day. May 25th, 2018, the day on which The General Data... read more

February 14, 2018
Redstor_Why_backup_is_vital_blog Ransomware

Why Backup Is A Vital Tool In The Fight Against Cyber-crime

The last 18-months has seen several cyber-attacks and cyber-crimes taking down critical networks and affecting organizations across the globe. As... read more

February 13, 2018