Although the most dramatic data breaches seem to have occurred on the other side of the pond, Britain is no stranger to data breaches with far reaching consequences. In fact, US policy forces companies to admit when these breaches happen, something most of the rest of the world actually lags behind in – so we may not even know the full extent of British incidents.
We are going to go through some of the most dramatic data breaches that’ve hit old Blighty.
- TalkTalk
In 2015 the TalkTalk CEO went on TV to reassure its customer base, 4 million or so at the time, that the data breach that had occurred affected “only” 150,000 or so customers. This was the second of three such violations the company suffered THAT YEAR and is credited with bringing data breaches as a whole into the mainstream consciousness.
- Staffordshire University
In 2014 a stolen laptop gave the thieves access to over 100,000 student records. The BBC reported on just how much personal information of the student body was now privy to whoever the thieves deemed worthy. Luckily, it seems most of the files were still password protected even when someone was able to access the device. There is a valuable lesson in that.
- Yahoo
There are actually a few Yahoo incidents. Over 500 million accounts were breached in 2014, the extent of the damage caused by that breach will probably never be known. That is dwarfed, however, by the 1 billion accounts breached in 2013. Both telephone numbers and security question answers may have been exposed in that incident. They had a large UK user base at the time. Now I’m pretty sure they only have people who haven’t gotten around to deleting the account, or only use it to absorb spam when they sign petitions or raffles.
- HM Revenue & Customs
This event is possibly the most famous of the incidents since it involved children. Though no known adverse actions have been taken with the missing info, the incident underlined the growing need for responsible data handling. 2 CDs were lost that contained info on every child in the country. Secure data backup systems were created to avoid incidents like this.
- Brighton and Sussex University Hospitals
In 2010 some hard drives were sold on eBay. The problem? Data pertaining to thousands of people were contained on the drives. After an investigation and some hefty fines, it turns out over 200 drives were improperly wiped ad sold.
- T-Mobile
This is probably one of the more nefarious breaches since it wasn’t an accident on the part of the company that gave away the info. In 2009 employees were caught selling info of customers to 3rd party brokers.
- Nationwide Building Society
In 2006 an unencrypted laptop was stolen, and the records of millions were now in the hands of the thieves. This was the first incident of this scale in the UK, and the government tried to make a show of the punishment. The fine imposed on Nationwide is still the largest to date of a breach of this type, though it does not seem the message was heard by a good chunk of other businesses.