The Information Commissioner Office is urging organisations to recognise the real-world impact of data breaches – and the devastating effects they can have – on the back of a new study which exposes that nearly 30 million people in the UK have had their data compromised by such an incident.
The study, carried out by the ICO, shows that, in total, 55% of UK adults reported having had their data lost or stolen, with 30% of them experiencing emotional distress as a result. Yet 25% said they received no support from the organisations responsible and 32% found out through the media rather than from the organisation itself.
Qualitative research also revealed experiences of people having to move homes, feeling forced out of their jobs and facing discrimination as a result of data breaches they had experienced.
People told the ICO they felt the real impact on their life was insufficiently recognised by the organisation responsible.
The ICO maintains it remains committed to working alongside organisations to help them improve their data protection practices, and has published new guidance to support them in this endeavour.
Information Commissioner John Edwards said people in vulnerable situations – such as survivors of domestic abuse and those living with long-term health conditions – are often disproportionately affected by such breaches. These people may already be in precarious situations, and the unauthorised disclosure of their personal data can heighten the risks they face, he warned.
Edwards added: “There are two important things I need organisations to understand: empathy and action. You have a role to stop the negative ripple effect in someone’s life from spreading further. It is vitally important to acknowledge what has happened, be human in your response and commit to making sure it doesn’t happen again.
“We trust organisations with some of the most sensitive personal information imaginable, yet these data breaches continue to happen. This is not just an admin error – it is about people. When data is mishandled, it can have serious and long-lasting consequences, particularly for people in vulnerable situations. We need organisations across the country to do better.”
National AIDS Trust policy, research and influence manager Adam Freedman has worked with the ICO on ensuring that the harms of personal HIV data breaches are recognised and understood.
He said: “The stigma and discrimination experienced by people living with HIV is compounded by the additional distress caused by unlawful data breaches. We welcome the new guidance provided by the ICO and urge organisations to consider the very real human impact of mishandling someone’s personal information.”
Related stories
Cock-up culture: Staff guilty of 90% of data breaches
Data breaches, not rogues, are ICO Public Enemy No. 1
Ransomware victims who pay up are nearly all hit again
Gamers attacked as Fortnite firm suffers data breach
UK firms braced for fresh wave of ransomware attacks
UK firms still in dark over new cyber security measures
Major brands warned over extortion after global attack
