With data breach complaints received by the ICO up 160% since the introduction of the GDPR, someone somewhere is paying attention. Whilst no one can deny that there is an added burden for most companies in working towards compliance, we need to analyse the main causes of data breaches.
Human error is blamed for most data incidents, and the most common action is that of emailing confidential information to the incorrect recipient, closely followed by loss/theft of paperwork and theft of data from an insecure location. How, then, can we account for the human factor?
There are many tools in the marketplace that have been developed to help the humble human, enabling them to do things they weren’t able to do before, and to do them better. The important thing for developers to remember is that the starting point is what people want, not just what is technically possible.
All that said, some of the most mind-boggling data breaches have been related to electronic data. Uber has to be up there, with the biggest audience affected at 57 million people; they then tried to counteract this by paying an extortion fee of $100,000 to have the hackers delete the data – Uber embarrassing. British holiday resort Butlin’s saw 34,000 of their guests’ personal data hacked quite recently; they reported it within the mandatory 72-hour reporting timescale to protect the business against potential fines – wakey-wakey Butlin’s. Even our much loved British Airways succumbed to a breach of around 380,000 customers’ payment card details. It was described as ‘a more sophisticated data breach’; we would expect nothing less – the world’s favourite breach.