Here’s another UK breach that we didn’t hear about at the time and only learned about because the entity had to sign an undertaking with the ICO:
An undertaking to comply with the seventh principle of the DPA has been signed by Alan M Casson & Associates, after two unencrypted laptops and back up media had been stolen during a burglary of their premises. The laptops contained personal data relating to 8000 current and past patients.
The undertaking indicates that although “the personal data did contain a note of treatment received, it did not contain any details concerning patients’ medical history.” The practice appears to be a dental practice in Harrogate.
The laptops had been stored in a locked cupboard in a locked office. The back up media was stored in a safe which was also stolen during the incident.
There is no indication as to when this incident occurred.