DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

UK: Warning to police staff as force fined £130,000 for losing rape victim interview

Posted on April 5, 2018 by Dissent

From the Information Commissioner’s Office, an enforcement action in a troubling breach incident:

Humberside Police has been fined £130,000 by the Information Commissioner’s Office (ICO) after disks containing a video interview of an alleged rape victim went missing.

The three unencrypted disks and accompanying paperwork were left in an envelope on an officer’s desk. The bundle contained the victim’s name, date of birth and signature as well as details about the alleged rape itself, the victim’s mental health and the suspect’s name and address.

The envelope was due to be posted to Cleveland Police but never arrived. It is not known whether the package was actually sent.

An ICO investigation found:

  • Humberside Police failed to encrypt the disks before sending (or intending to send) by unsecure mail;
  • Humberside Police failed to maintain a detailed audit trail of the package;
  • The Protecting Vulnerable People Unit within Humberside Police failed to adhere to its ‘Information Security Policy’ in relation to removable media.

Steve Eckersley, ICO Head of Enforcement, said:

“We see far too many cases where police forces fail to look after disks containing the highly sensitive personal information contained within victim or witness interviews.

“Anyone working in a police force has a duty to stop and think whenever they handle personal details – making sure they are using the most appropriate method for transferring information and considering the consequences of it being lost before going ahead. Staff training in this area is vital.”

He added:

“Police forces deal with such sensitive information that when things go wrong, it’s likely to be serious. This case shows how crucial it is to keep a clear record of what’s been sent, when and who to.”

Humberside Police, headquartered in Hull, has also been asked by the ICO to sign a commitment to take steps to improve its data protection practices.

Category: Government SectorNon-U.S.Of Note

Post navigation

← Wisconsin Department of Health Services and The Management Group Announce Breach of Information
Police: Hackers tried to alter grades at Virginia school →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation
  • Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay
  • Ireland’s Data Protection Commission publishes 2024 Annual Report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.