Data Breach Caused By Not Using BCC In Email
Published on: 19th July 2018
By PYXI GDPR Team
The ICO has reported on a case of human error leading to a data breach, for which they've issued a fine of £200,000.
"On 27 February 2017, an IICSA staff member sent a blind carbon copy (bcc) email to 90 Inquiry participants telling them about a public hearing. After noticing an error in the email, a correction was sent but email addresses were entered into the ‘to’ field, instead of the ‘bcc’ field by mistake."
According to the ICO this put vulnerable people at risk.
This instance illustrates the importance of correct training and procedures for managing email communications. Though the sensitivity of the data in this case makes it especially worrying, it also shows how easy it is to cause harm to people through lack of thought, attention or "by mistake". By bringing this to the public's attention the ICO gives everyone the opportunity to think hard about the data protection, safeguarding and security measures that are in place within all organisations in the UK.
You can read the full story here: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2018/07/independent-inquiry-into-child-sexual-abuse-fined-200-000/
PYXI GDPR Team: 19th Jul 2018 07:47:00
Subscribe to our
Weekly GDPR Newsletter.
It's full of really useful updates
for UK small businesses.
ICO Q2 Data Security Incident Trends
The ICO's figures for Q2 show that the most frequently reported data security incident relates to disclosure of data. The ICO's website has published information about Q2 2018-19's data security incidents by type and sector, and the single mo... click to read more