The Information Commissioner\u2019s Office (ICO) has charged Gloucester Council with a \u00a3100,000 fine because of finding 30,000 emails consisting of sensitive information downloaded by cyber attack group Anonymous.<\/p>\n
According to ICO, the council did not have sufficient processes in place to make sure its systems had been updated while changes to suppliers were made.<\/p>\n
Veracode Manager Paul Farrington noted that council officials could have protected the 30,000 leaked email records without incurring any additional cost burden. \u201cTop of the list, will be the notion that the council had outsourced the responsibility to a third-party IT provider to manage vulnerabilities.\u201d<\/p>\n
\u201cThe reality however, is that you can\u2019t outsource the obligation to protect the privacy of individuals. Whilst one might be able to cut costs by getting a firm to look after day-to-day tasks, the buck still stops with the data owner \u2013 in this case Gloucester City Council,\u201d he added.<\/p>\n
Managing Director of Gloucester Council believes that the fine will only result in money being taken from local citizens and given to HM Treasury.<\/p>\n
Written from press release and source by Leah Alger<\/p>\n