Egress comment on local authority data breach

The personal details of more than 30 people who applied to Glasgow City council for it's school clothing grant have been leaked to third parties. In response to this, Egress Software’s (www.egress.com) CEO, Tony Pepper, said: "News breaking this morning that 30 low income families, who applied for help to buy school uniforms, have had their personal information and children’s details leaked by Glasgow City Council has brought back into sharp focus the need for organisations to ensure they’re using the right tools for the right job.

The data breach has seen sensitive information such as children’s names, which school they attend, their dates of birth, their parents’ earnings, national insurance details and banking information leaked in an incident the local authority described as a 'procedural error'.

GDPR has been firmly put back at the top of the boardroom agenda by the hefty fines recently doled out by the ICO to BA and Marriott, reminding organisations that they have a duty of care to protect all clients’ and service users’ data. Breaches like this highlight the need to ensure that staff can share sensitive data securely when they need to – with policies and technologies forming a ‘safety net’ that reduce the likelihood of human or procedural error putting information at risk.

In particular, organisations should look to implement more robust risk-based protection tools to avoid issues like misdirected emails, and enable employees to work effectively and securely. With intelligently applied machine learning and advanced DLP technologies, it is possible to mitigate against such errors and enhance organisations’ cybersecurity posture."