Data breach leads to reprimand of London Mayor’s Office

Blog
Data breach leads to reprimand of London Mayor’s Office

The Information Commissioner’s Office (ICO) has reprimanded the London Mayor’s Office for Policing and Crime (Mopac) over a mistake that could have exposed the personal data of individuals who contacted it to complain about the Metropolitan Police Force. It affected approximately 400 people, all of whom have been informed of the potential data breaches. The error occurred through two contact forms on Mopac’s public website.

The incident occurred between November 11 and November 14, 2022, when a member of the Greater London Authority (GLA) attempted to grant four Mopac employees permission to access information that had already been submitted through the web forms. However, instead of granting access only to the employees, the information became publicly accessible.

The issue was not discovered until February 23, 2023, when a member of the public alerted Mopac. An investigation was launched, revealing that users had been able to view all information submitted through the forms, including names, addresses, and reasons for complaints.

The personal details of 394 complainants were exposed, but there is no evidence to suggest that anyone else accessed the information during the period it was vulnerable. Mopac has taken remedial steps, including providing additional staff training to prevent future incidents.

ICO director Anthony Luhman stated that it was an avoidable mistake that has the potential to undermine public confidence in the criminal justice system. He emphasized the need for public bodies to handle sensitive data with utmost care.

The ICO’s decision to issue a reprimand, rather than a financial penalty, is part of its ongoing policy introduced in 2022 to avoid burdening taxpayers with fines for data breaches caused by public sector organizations. However, this policy has faced criticism from legal and cyber security experts in cases where physical safety was jeopardized.

The trial period for this policy will end in June 2024, at which point the information commissioner will reassess its effectiveness and potentially rescind it if there hasn’t been sufficient improvement in public sector security and data protection.

Computer Weekly reached out to the London Mayor’s office for comment but had not received a response at the time of publication.

Unlock your business potential with our expert guidance. Get in touch now!

Contact us
AI & Neural Networks Applications Big Data and Data Analysis Blockchain Cloud Computing and Services Digital Marketing in IT Digital Transformation E-commerce Technologies GLOBUS.studio IT Consulting and Strategies IT for Businesses IT Security and Cybersecurity Learning Mobile Development News Project Management SaaS Solutions SEO/SMO/SMM Software Development Technologies Uncategorised UX/UI Web Development
IT-sustainability-think-tank-hero.jpg

Navigating the Complexities of IT Equipment Capacity: Insights from the IT Sustainability Think Tank

  • News, Uncategorised
tr62123-trello-v-jira.png

Trello vs Jira: Determining the Winner by 2024

  • News
EU-flag-european-union-2-adobe.jpg

Platform worker directive approved by European Parliament

  • News, Uncategorised
tr_20240427-confluence-vs-notion.jpg

Which tool should be chosen?

  • News
chess-strategy-game-intelligence-2-adobe.jpeg

Datacentre investments crucial for Microsoft’s AI leadership, says company

  • News, Uncategorised
AdobeStock_598391382_Editorial_Use_Only.jpg

5% Reduction in Microsoft Security Vulnerabilities in 2023

  • News
Security-Think-Tank-hero.jpg

Security Think Tank: Exploring the Possibility of Negotiating with Terrorists

  • News, Uncategorised

Explore More

Your Gateway to Useful Resources