DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

NI Department of Justice fined for data breach

Posted on February 11, 2014 by Dissent

BBC reports:

Northern Ireland’s Department of Justice has been fined £185,000 for auctioning off a filing cabinet that contained personal information about victims of a terrorist attack.

The locked cabinet was one of 59 sold off by the Compensation Agency in 2012.

When the buyer forced it open, they found it contained documents about injuries suffered, family details, and confidential ministerial advice.

Read more on BBC.  The Information Commissioner’s Office issued the following statement:

A Government department has been fined after a filing cabinet that contained personal information relating to victims of a terrorist incident was sold at an auction.

The files included in the cabinet contained information about the injuries suffered, family details and the amount of compensation offered, as well as confidential ministerial advice.

After an ICO investigation, a civil monetary penalty of £185,000 was issued to Department of Justice Northern Ireland (DoJ NI) for what was described as a very serious data breach.

The incident occurred when the Compensation Agency Northern Ireland, which falls under the control of DoJ NI, moved offices in February 2012.

Staff did not realise the locked cabinet contained sensitive information, and it was earmarked for auction alongside other unwanted office furniture. It was sold, without a key, to a member of the public in May 2012.

When the buyer forced the lock he found papers dating from the 1970s through to 2005. The buyer immediately contacted the Police Service Northern Ireland who returned the papers to the Compensation Agency.

While there was an expectation within the agency that personal data would be handled securely, the ICO investigation found limited instructions to staff on what this meant in practice, despite the highly sensitive information the office held.

ICO Assistant Commissioner for Northern Ireland, Ken Macdonald, said: “This is clearly a very serious case. While failing to check the contents of a filing cabinet before selling it may seem careless, the nature of the information typically held by this organisation made the error all the more concerning.

“The distress that could have been caused to victims and their families had this fallen into the wrong hands is self-evident.”

Category: ExposureGovernment SectorNon-U.S.Of NotePaper

Post navigation

← Wide Area and Sensing Conference Hacked, Database Leaked for #OpbigBrother
UK: Police censured for data breaches →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
  • Cocospy stalkerware apps go offline after data breach
  • Ex-NSA bad-guy hunter listened to Scattered Spider’s fake help-desk calls: ‘Those guys are good’
  • Former Sussex Police officer facing trial for rape charged with 18 further offences relating to computer misuse
  • Beach mansion, Benz and Bitcoin worth $4.5m seized from League of Legends hacker Shane Stephen Duffy
  • Fresno County fell victim to $1.6M phishing scam in 2020. One suspected has been arrested, another has been indicted.
  • Ransomware Attack on ADP Partner Exposes Broadcom Employee Data
  • Anne Arundel ransomware attack compromised confidential health data, county says
  • Australian national known as “DR32” sentenced in U.S. federal court
  • Alabama Man Sentenced to 14 Months in Connection with Securities and Exchange Commission X Hack that Spiked Bitcoin Prices

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Police secretly monitored New Orleans with facial recognition cameras
  • Cocospy stalkerware apps go offline after data breach
  • Drugmaker Regeneron to acquire 23andMe out of bankruptcy
  • Massachusetts Senate Committee Approves Robust Comprehensive Privacy Law
  • Montana Becomes First State to Close the Law Enforcement Data Broker Loophole
  • Privacy enforcement under Andrew Ferguson’s FTC
  • “We would be less confidential than Google” – Proton threatens to quit Switzerland over new surveillance law

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.