The Information Commissioner’s Office (ICO) has revealed that the number of data security breaches in the private sector has increased by 58 percent year-on-year.
Between 1 April and 30 September 2011, there were 136 breaches reported to the ICO, compared to 86 in the same period last year.
Although organisations in the private and public sector are not obligated to report data breaches to the ICO, the increase in notifications may be due to greater awareness among businesses of their responsibilities under the Data Protection Act (DPA). Awareness may also have grown on the back of high-profile security breaches this year, such as those by LulzSec and the Sony PlayStation hack.
The ICO’s recent survey of businesses and public sector organisations revealed that nearly three quarters (74 percent) of businesses now know that the DPA requires them to keep personal information secure – up 26 percent on last year’s figure (48 percent).
However, the ICO believes that the increase in the number of breaches reported indicates that businesses need to act on their heightened awareness.
Christopher Graham, the Information Commissioner, said: “I’m encouraged that the private sector is waking up to its data protection responsibilities, with unprompted awareness of the DPA’s principles higher than ever.
“However, the sector does not seem to be putting its knowledge to good use. The fact is that security breaches in the private sector are on the rise, and public confidence in good information handling is declining. Businesses seem to know what they need to do – now they just need to get on with doing it.”
The ICO has the power to impose a fine of up to £500,000 on organisations that allow a data security breach to occur, but Graham said that businesses should also consider the threat to their reputation if they do not ensure breaches are avoided.
“Customers will turn away from brands that let them down,” he said.