We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,145 News Articles

Public sector fuels tenfold rise data breaches since 2007

ICO numbers show alarming increase

Public sector organisations are behind a dramatic tenfold increase in the number of data breach incidents reported to the UK Information Commissioner (ICO), storage firm Imation has found.

Using figures obtained under Freedom of Information (FoI), the company uncovered an overall 1,014 percent rise in reported breaches since 2007 across eight industry sectors logged by the ICO.

This included a 1,609 percent increase in incidents reported by local government, a 935 percent rise in the NHS, and a 132 rise in central government. "Other" public sector organisations - a catch-all category for organisations that fall outside these headings - showed a 1,380 percent rise.

For comparison, the private sector as a whole showed a 1,159 percent rise with only one sector, telecoms, doing well enough to record no breaches in the most recent period.

The percentages also add up to a concerning number of cases in absolute terms; between November 2007 and November 2008, local government reported 11 data beach incidents a figure that had grown to 188 by 2012.

The total number of incidents reported to the ICO in 2011/12 stands at 821, Imation said.

"More alarming is the consistent year-on-year increase in data breaches since 2007," said Nick Banks of Imation Mobile security. "The figures obtained from the ICO by Imation seem to show that increasing financial penalties have had little effect on the amount of data breaches each year," he said.

The ICO figures aren't surprising or even particular new; the heady rise in data breach reports is similar across the developed world, driven at least in part a greater motivation to report what might once have been ignored or covered up.

This could be the key issue - is the need to report breaches and risk a fine feeding back into better security?

"Organisations must take responsibility for preventing breaches, and with so much available technology there really is no excuse for failing to adequately protect data," said Banks.

Over time, the ICO's has started to get tougher with the number of fines growing. One analysis claimed that the ICO was more likely to fine public sector organisations than private ones but comparisons are hard to make because of differences in the type of data held.


IDG UK Sites

OnePlus Two release date rumours: Something's happening on 22 July

IDG UK Sites

13in MacBook Air review, Apple's MacBook Air 2014 reviewed

IDG UK Sites

5 reasons to buy an electric car and 5 reasons not to

IDG UK Sites

Evernote Skitch: the best way for creatives to doodle feedback