Data Protection: Stolen Laptops

[OneRedArmy]

I have an expectation that my bank, utilities suppliers and other companies with which I do business will do a better job of protecting me than this. Baseless? It's fairly trivial to break into most laptops if you know what you're doing - I've seen it done. There are then, in these cases, tens of thousands of people's data open to abuse. If you don't shred your bank statement and someone roots through your rubbish, one person's data is open to abuse - yours. I think there's a fairly substantial difference.


It's baseless, but not irrelevant?

The fact is, there have been a bunch of cases like this now, and still the ****wits in an Bord Gáis failed to learn. Whoever is responsible for the fact that that laptop had unencrypted data - at a strategic level and in terms of actually implementing it - should be fired for exposing the company to significant risk of adverse financial and PR outcomes.

Until an actual fraud is perpetrated it's baseless.

My point stands. There are 1,001 more ways you're likely to be defrauded.

By all means sack the person whose laptop was unencrypted, but seriously?

Do you know what info was on the laptop?

[John83]

Until an actual fraud is perpetrated it's baseless.

Ha!

Do you know what info was on the laptop?

Names and bank account numbers. I think there was a third significant field too. Not that anyone can do anything with that information, of course.

[pete]

There is a simple soluion to this. Either get the Data Protection Commissioner to use his powers or if not strong enough give him more powers.

Lets start with E10 fine for every case of lost or stolen data. 1,000 account details stolen means E10,000 fine & so on. For every week the thefy remains unreported to the Commissioner then double the fine.

[Ringo]

Got a letter yesterday from Bord Gais to say my details were stolen. It shouldn't happen in this day & age. Letter basically says sorry, but its your problem

[passinginterest]

Got a letter yesterday from Bord Gais to say my details were stolen. It shouldn't happen in this day & age. Letter basically says sorry, but its your problem

Got the letter yesterday. If anyone's data does get used in a fraud case could all the people affected bring some sort of group action against Bord Gais for their reckless treatment of highly sensitive data?

Just curious, I can't see the data being used in that way, and I don't think I'd be interested in getting involved in a massive lawsuit, but I'm curious as to whether or not it would be possible.

[pete]

Got the letter yesterday. If anyone's data does get used in a fraud case could all the people affected bring some sort of group action against Bord Gais for their reckless treatment of highly sensitive data?

I believe it was mentioned as part of the previous news stories but I believe BGE are liable for any money you lose as a result of their actions. I am sure it would have to prove cause & affect but they cannot deny they "lost" the info as they have already admitted that.

[OneRedArmy]

Got the letter yesterday. If anyone's data does get used in a fraud case could all the people affected bring some sort of group action against Bord Gais for their reckless treatment of highly sensitive data?

Just curious, I can't see the data being used in that way, and I don't think I'd be interested in getting involved in a massive lawsuit, but I'm curious as to whether or not it would be possible.

Yes, you would have a case against BG.

In any case the DPC will likely take action.

[dahamsta]

In any case the DPC will likely take action.

Not this Commissioner. They'll get no more than a slap on the wrist from Billy Hawkes.

[pete]

Not this Commissioner. They'll get no more than a slap on the wrist from Billy Hawkes.

The Commissioner is more like an Ombudsman as if you look at thew web site they just investigate complaints & just tell offenders not to do it again. Even the HSE incident from last year is not listed on the site from what I can see...

[Ash]

Got the letter yesterday too.