Monday, 24 December 2007

The 12th Breach of Christmas (UK)

On the Twelfth Day of Christmas the Information Commissioner disclosed to me...

12 hundred wrongly addressed questionnaires (DVLA Dec 07)
802.11 Wifi WEP is broken (now takes just a minute to crack)
1 in 10 UK companies PCI compliant (a survey by Logic Group in Sept '07 revealed that only one in ten UK companies has the proper security standards to handle our card payments securely)
9 NHS Trust Breaches (Dec 2007)
8 "Significant" HMRC Security Incidents (HMRC revealed further "significant" breaches in Nov/Dec 07)
7 out of 10 websites vulnerable (Cenzic Study Finds Web Applications Vulnerable to attack May 07)
6,000 personal records mislaid (by N.I. Driver and Vehicle Agency - Nov 07)
"Twenty-Five" Million Records Lost (HMRC Nov 07)
4 in 10 WiFi routers unsecure (according to a report by Apr 07)
3 Million Learner Drivers Lost (by Driving Standards Agency Dec 07)
2 Discs Missing (HMRC discs holding 15,000 Standard Life customers are lost, Oct 07)
And a £1 Million fine to the Nation-wide! (Lost a laptop with an unencrypted hard disk holding nearly 11 Million customer records and were fined by FSA in Feb 07)

Merry Christmas Everyone!

PS Let's hope I find it a much harder struggle to write this sort of thing next Christmas.


Anonymous said...

What's a "security innocent"?

Dave Whitelegg CISSP said...

It's what happens when you make a typo on the word "incident" and then don't pay proper attention to the spellchecker! - Corrected & Thanks

Anonymous said...

Awesome article.

Dorothy Miller said...

Excellent information...thanks for update!!