The Information Commissioner's Office (ICO) has found that Redstone Mortgages violated the Data Protection Act by inadvertently e-mailing personal data from 15,333 mortgage accounts to a member of the public. The information, which had not been encrypted and was not protected by a password, had been meant for a consultant, but was sent instead to an individual with a similar e-mail address. In the ICO's announcement of the breach, Sally-Anne Poole states, "It is essential that the right procedure is followed and care is taken when sending out e-mails of this nature. If personal information falls into the wrong hands, individuals could experience considerable distress." The company has agreed that all future reports being e-mailed externally will be password protected.
If you want to comment on this post, you need to login.