Laptop security breach leads to heavy fines for Ealing and Hounslow Councils

Ealing and Hounslow Councils have become the latest organisations to be fined by the Information Commissioner’s Office (ICO), following the theft of two unencrypted laptops.

The two laptops contained the details of around 1,700 council clients and were stolen from the home of an Ealing Council employee. The employee was part of a team of nine staff who work remotely for an after-hours facility serving both Ealing and Hounslow Council.

The ICO said the theft was a significant risk to these people’s privacy and has issued a £80,000 penalty to Ealing Council and a £70,000 fine to Hounslow Council. Such heavy penalties are a result of the fact that neither laptop was encrypted, as required by the councils’ policies.

Although encryption would have provided some protection for the clients’ data in the event of theft, encryptions can be broken by the most committed thieves, meaning data could be accessed. Recent laptop theft statistics reveal that identity theft costs the UK approximately £1.7bn a year, but cases could be drastically reduced by installing data protection software.