The Only Way Is Out After Essex Data Breach
Joey Essex looks on in dismay…
A worker has been fired from Essex County Council after a data breach at the local authority saw information on 400 vulnerable people exposed.
Information including names, addresses and financial information about people in “critical” need of care was sent from the Adults Health and Community Wellbeing Department to a computer outside of County Hall, breaking the council’s security policy.
“While we are unable to give specific details we can confirm that the investigation centres on an ex-employee who breached our information security policy,” read a statement by the Essex County Council.
“Whilst the ex-employee had signed a declaration stating they had deleted the information and not shared it with anyone, it is our duty to inform service users that their information has been compromised.
“We do not believe there is malicious intent behind this incorrect use of data. The information involved is such that (the risk of) identity theft is minimal.”
‘It beggars belief’
Both the Information Commissioner’s Office (ICO) and the police have been informed of the breach, which was discovered thanks to an internal audit, according to the Essex Chronicle.
“With all the security procedures we are supposed to have now and all the millions the county council has spent on the best IT, it beggars belief that something like this can have happened,” said Liberal Democrat opposition leader at the council, Councillor Mike Mackrory.
“I am frankly staggered. We need to get to the bottom of it quickly and ensure our procedures are even tighter.”
The ICO could fine the organisation up to £500,000 if it thinks the damage is serious enough. Earlier this month, Torbay Care Trust in Torquay was fined £175,000 after it accidentally published details relating to over 1000 members of staff on its website.
Are you a security guru? Test yourself with our quiz!