FOI request reveals primary data breach drivers

An FOI request submitted to the Information Commissioner’s Office has revealed that of the 4856 personal data breaches reported in the first half of 2019, 60% were caused by human error. Of those incidents, 43% were the result of incorrect disclosure (with 20% posting or faxing data to the incorrect recipient). Of all data breaches, 18% were reported by companies operating in the healthcare sector.

Tony Pepper, CEO of Egress, which submitted the FOI request said that while organisations are largely fixated on external threats, the “fallibility of people and an inherent inability of employees to send emails to the right person” should be a key focus. “Not every insider breach is the result of reckless or negligent employees, but regardless, the presence of human error in breaches means organisations must invest in technology that works alongside the user in mitigating the insider threat,” he warned.

“The healthcare sector persistently tops the list when analysing the sectors affected by data breaches. This is very concerning, especially given the nature of the data. Why this particular industry continues to suffer from internal breaches is worrying and the sector must quickly take action to identify how it can work towards mitigating the insider threat.”

Personal data breaches: Behind the numbers (Source: Egress)

Analysing the ICO’s personal data breaches for the period by sector reveals the following:

18% were reported within healthcare
16% were reported within central and local government
12% were reported within education
11% were reported within the legal sector
9% were reported within financial services

    Share Story:


Cyber physical risks
Property damage as a consequence of cyber attack is often excluded from standard property policies, but as the industrial internet of things expands, so too do the risks. This podcast examines the evolving threat landscape. Published October 2021

Financial institutions were early adopters of cyber security and insurance. Are they still on top of the game?
Managing huge amounts of sensitive data online makes financial institutions a prime target for hackers. As such, the sector was an early cohort for insurers in creating cyber cover. Since then, the market has evolved almost beyond recognition. It continues to challenge itself to this day, complying with rigorous regulatory demands and implementing avant-garde enhancements to keep abreast of the ever-changing risks. Published June 2021