Data breach leads to reprimand of London Mayor’s Office

Blog
Data breach leads to reprimand of London Mayor’s Office

The Information Commissioner’s Office (ICO) has reprimanded the London Mayor’s Office for Policing and Crime (Mopac) over a mistake that could have exposed the personal data of individuals who contacted it to complain about the Metropolitan Police Force. It affected approximately 400 people, all of whom have been informed of the potential data breaches. The error occurred through two contact forms on Mopac’s public website.

The incident occurred between November 11 and November 14, 2022, when a member of the Greater London Authority (GLA) attempted to grant four Mopac employees permission to access information that had already been submitted through the web forms. However, instead of granting access only to the employees, the information became publicly accessible.

The issue was not discovered until February 23, 2023, when a member of the public alerted Mopac. An investigation was launched, revealing that users had been able to view all information submitted through the forms, including names, addresses, and reasons for complaints.

The personal details of 394 complainants were exposed, but there is no evidence to suggest that anyone else accessed the information during the period it was vulnerable. Mopac has taken remedial steps, including providing additional staff training to prevent future incidents.

ICO director Anthony Luhman stated that it was an avoidable mistake that has the potential to undermine public confidence in the criminal justice system. He emphasized the need for public bodies to handle sensitive data with utmost care.

The ICO’s decision to issue a reprimand, rather than a financial penalty, is part of its ongoing policy introduced in 2022 to avoid burdening taxpayers with fines for data breaches caused by public sector organizations. However, this policy has faced criticism from legal and cyber security experts in cases where physical safety was jeopardized.

The trial period for this policy will end in June 2024, at which point the information commissioner will reassess its effectiveness and potentially rescind it if there hasn’t been sufficient improvement in public sector security and data protection.

Computer Weekly reached out to the London Mayor’s office for comment but had not received a response at the time of publication.

Unlock your business potential with our expert guidance. Get in touch now!

Contact us
AI & Neural Networks Applications Big Data and Data Analysis Blockchain Cloud Computing and Services Digital Marketing in IT Digital Transformation E-commerce Technologies GLOBUS.studio GLOBUS.studio IT Consulting and Strategies IT for Businesses IT Security and Cybersecurity Learning Mobile Development News Project Management SaaS Solutions SEO/SMO/SMM Software Development Technologies Uncategorised UX/UI Web Development
green-datacentre-sustainable-cloud-adobe.jpg

Report Highlights Advantages of ‘Socially Integrating’ Data Centers into Local Communities

  • GLOBUS.studio
tr_20250310-russian-crypto-garantex-secret-service.jpg

Reasons Behind the Secret Service’s Seizure of Garantex

  • GLOBUS.studio
IT-jobs-career-training-women-adobe.jpeg

Cultivate Your Talents and Dreams This International Women’s Day

  • GLOBUS.studio
tr_20250307-salesforce-diversity-shift-legal-compliance.jpg

Salesforce Abandons DEI Initiatives, Repositions Equality as Legal Obligation

  • GLOBUS.studio
leaf-nature-growth-adobe.jpeg

Recent Demos Showcase Enhancements in Alibaba’s AI Model

  • GLOBUS.studio
Apple-Store-Hong-Kong-hanohiki-1-adobe.jpg

Apple’s IPT Appeal on “Backdoor” Encryption Order: A Crucial Test for Major Challenges Ahead

  • GLOBUS.studio
tr_20250305-complete-microsoft-excel-training-bundle.jpg

Master Excel from Fundamentals to AI Integration with This $35 Course Bundle

  • GLOBUS.studio

Explore More

Your Gateway to Useful Resources