The ultimate guardian of Manchester Police data
A police force has been fined £120,000 following the theft of a memory stick containing names of members of the public who gave statements in drug investigations.
The unencrypted device with no password protection was stolen from an officer’s home and had details of 1,075 people with links to serious crime investigations stored over an 11-year-period.
The USB drive, belonging to the Greater Manchester police drugs squad detective, is also understood to have included details of police operations, potential targets for arrest and names of officers.
It has not been recovered following the burglary at his home in July 2011 when his wallet, containing the stick, and his car keys were taken from his kitchen table.
The Information Commissioner’s Office (ICO) said the consequences of the security breach “send a shiver down the spine”…
The Greater Manchester force suffered a similar security breach in September 2010 but failed to comply with a direction to order all staff to use encrypted memory sticks…
A further 1,100 memory sticks were recovered when the force offered an amnesty to staff with personal or unencrypted devices to hand them in.
Smith said: “This was truly sensitive personal data, left in the hands of a burglar by poor data security. The consequences of this type of breach really do send a shiver down the spine.
“It should have been obvious to the force that the type of information stored on its computers meant proper data security was needed. Instead, it has taken a serious data breach to prompt it into action…
It is understood the force took disciplinary action against the detective and that all those whose names appeared on the device have been contacted.
Yup. If there’s one thing the truly incompetent develop is a well-practiced ability to close up the barn after the horses have been stolen.
Folks – treat your personal data, important information, as if you were a bank. Don’t leave the family jewels out on a kitchen counter.