The Co-Op has been the latest company to encounter an online security breach.
By David Howells
27/05/2011
The Co-Op has been the latest company to encounter an online security breach.
Following the high-profile Sony case which saw millions of people's data being accessed by a hacker, Co-Operative Life Planning (CLP) has announced how it accidentally allowed 82,000 customer's personal details to be published online.
Co-Op has since been warned to consider online threats more thoroughly and put in place more comprehensive systems management software.
The Co-Op has admitted breaching the data protection act by failing to ensure their contractors followed the Co-Op's own security procedures. However, CLP and the Information Commissions Office (ICO) has declined requests to name the company in question.
In March 2011, the Co-Op asked its contractors to repair an electronic file that contained information of 82,000 of its customers. However, unbeknownst to the servers, after completing the work, the contractor retained the information on its own servers. The ICO told information-age.com that it was these servers which were then hacked into and its contents "accidentally made available online."
"The ICO's investigation found that the software support services provider had no authorisation to copy the data from the organisation's servers and failed to delete the information once the file had been repaired," it added. "CLP also failed to realise that the data had been transferred on two separate occasions and were unaware that customer's details had been made available online."
Speaking to the Financial Times, acting head of enforcement at the ICO Sally Poole added, "This case highlights the need for companies to ensure their contractors are following procedures on keeping customer's personal information secure."
