Leicester City Council facing ICO investigation
The local authority loses home security and medical data of 4,000 elderly and vulnerable people.
Leicester City Council could be hit by an Information Commissioner's Office (ICO) fine after losing data on 4,000 elderly and vulnerable people.
LeicesterCare, the council's service which supports vulnerable city residents, lost a USB stick containing medical information and home security codes, according to a report from the Leicester Mercury.
The ICO, which has the power to fine organisations up to 500,000, confirmed to IT PRO it was looking into the case and would be making inquiries.
A spokesperson for the council said it was investigating the "possible loss of a data device," adding there was no reason to suspect the information had been removed deliberately.
"However, whilst we have been assured by our supplier that the information on the device is not accessible to anyone who may find it, we are taking every precaution to maintain the security of our LeicesterCare users," the spokesperson added.
"So, as a precaution, we are urgently carrying out changes to the keysafe codes of around 2,000 users. We began this programme last week and will have completed all of the code changes by Friday."
The memory stick was not supposed to leave the council's premises, and the local authority believed the device could be missing within the building.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Terry Greer-King, Check Point UK managing director, said it was positive the council had taken steps to ensure the sensitive data was not accessible to outside parties.
However, many councils have been guilty of not adding such layers of security, leaving the Leicester body in "the minority," Greer-King said.
"There's still a big security gap to be bridged, even though automated data encryption is easily deployed so that employees cannot work around or disable the protection," he added.
Last week, the ICO confirmed it would be investigating a security breach at the University of York, when 148 individual student records were accessed.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.