Virgin Media has been found in breach of the Data Protection Act following the loss of an unencrypted CD containing the personal details of over three thousand customers.
The telecoms provider reported the breach to the Information Commissioner's Office (ICO) earlier this year following the loss of a compact disc that was passed to Virgin Media by Carphone Warehouse containing the personal details of individuals interested in opening a Virgin Media account in a Carphone Warehouse store.
The ICO said it had ordered to implement a number of security measures with immediate effect to protect customers' personal information more effectively. These include encrypting all portable or mobile devices that store and transmit personal information.
And any company processing personal information on behalf of Virgin Media must also now use encryption software, which must be clearly stated as a requirement in all contracts.
The ICO has also required Virgin Media to sign a formal undertaking to comply with the principles of the Data Protection Act. And it said failure to meet the terms of the undertaking would be likely to lead to further enforcement action.
Mick Gorrill, ICO assistant commissioner, said this latest in a series of clampdowns on organisations found to have lax security procedures proved the ICO is taking all data breaches seriously, one of which involved the Liberal Democrats only earlier this week.
"The Data Protection Act clearly states that organisations must keep personal information secure," he said. "Virgin Media recognises the seriousness of this data loss and has agreed to take the immediate remedial action that we have outlined in order to protect its customers' personal details."
A Virgin Media spokesperson said: "This was an isolated incident which occurred in May and only affected a small number of people."
"Through our own undertaking we also took the decision to proactively contact all of the affected customers directly to ensure we met all of our responsibilities and support them through the process. Since our internal review, we have implemented all of the requirements stipulated by the ICO," the spokesperson added.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Sluggish enterprise tech adoption has cost the UK economy billionsNews The UK economy could have grown dramatically had organizations accelerated digital adoption
-
NHS leaders are keen to adopt new digital tools, but IT can't solve problems on its ownA survey of healthcare decision-makers finds they believe IoT devices and electronic health recording could help them reach more patients quicker
-
Virgin Media O2 layoffs to reach 2,000, with Vodafone-Three merger ‘likely’ leading to moreNews The telco giant says it's in conversation with unions over the cuts
-
Connectivity and collaborationWhitepaper The future of work
-
Virgin and BT team up against threat of Openreach splitNews Major business rivals join forces to fight Ofcom proposals
-
Elizabeth Denham appointed ICO bossNews Denham will be tasked with helping the UK leave the EU without any knock-on effects on privacy
-
Information Commissioner signs off with overview of yearNews Christopher Graham has issued a report outlining past achievements and recommendations for the future
-
ICO blasts sluggish speed of EU data law reformsNews Information Commissioner calls for sensible laws when it comes to personal data
