wigan council lost personal data on children and teenagers

NEWS 8 SEPTEMBER/OCTOBER 2009

Web applications with high risk security issues up 10%

The total number of web applications with at least one high risk security issue has reached 27%, an increase of 10%, according to IT security testing, auditing and consultancy company NTA Monitor.

In the charity and not-for-profit sectors, security vulnerabilities more than tripled from 2008 to 2009 over a 12-month period. NTA Monitor clients in the services sectors had the highest number of high risk security issues per test despite seeing a decrease in the average number of threats. Utilities and legal sector clients, on the other hand, had no high risk security vulnerabilities.

NTA Monitor said the three most common high risk security issues were:

queries initiated for an application
potentially malicious code in a user’s browser
arbitrary HTTP requests to applications.

In addition to sanitising user-supplied data, NTA Monitor said organisations should switch from a persistent authentication method (where cookies, for example, are used to authenticate users) to a transient authentication method (usually using a hardware token for continuous authentication of a user’s presence) to help prevent cross-request forgery attacks. An account lockout mechanism should also be in place to help prevent attackers from being able to brute force user accounts.

Card spending research reveals UK electronic fraud hotspots

Research by the 3rd Man, an electronic fraud and security specialist, has uncovered some interesting statistics about cardholder-not-present transactions, as well as fraudulent mail order and online card purchases in the UK.

The study from the 3rd Man shows that, in the year to August 2009, UK shoppers spent around £46 billion on cardholder-not-present transactions. Around £0.5bn worth of this spending was carried out by criminals using other people’s payment credentials without authorisation.

“[Fraudsters] know that online shopping has become big business and they try every scam imaginable to dupe retailers. More and more honest people are using their cards to buy over the internet, but unfortunately more and more fraudsters are also upping their game”, said Andrew Goodwill, a fraud specialist with the 3rd Man.

“However, it’s not all bad news”, he added, saying that retailers now have better fraud detection and prevention systems in place.

Delving into the card fraud research reveals that London tops the league of fraudulent card transactions, with South East London, and particularly Woolwich, Plumstead (SE18) and Thamesmead (SE28), gaining notoriety as the places with the highest concentration of ‘bad’ card activity in the UK.

Based on an analysis of over 85 million ‘good’ and ‘bad’ card transactions over the 12 months to the start of August 2009, in these South East London postcode districts alone there were more than one million transactions overall, 66 000 of which were deemed fraudulent, at a value of more than £18m.

Outside of the capital, other fraud hotspots in the top 10 places – defined as having the most bad transactions in terms of their value in pounds – include Manchester (4th), Nottingham (3rd), Romford (6th) in Essex, Coventry (8th) and Birmingham (9th). Erith Marshes (10th), North and South West London occupy the other places.

As a percentage of good versus bad transactions, Ilford in Essex also makes it into the top ten, as over 7000 bad transactions amount to more than £2m in fraud.

Similarly, London EC makes it into the top 10 in this category with high levels of fraud versus good transactions (more than three percent). Enfield also makes an appearance with more than one percent of all transactions fraudulent.

Wigan council lost personal data on children and teenagers

Wigan Council has been forced to sign an undertaking with the Information Commissioner’s Office (ICO) following the theft of a laptop, which resulted in the personal data of around 43 000 children and teenagers being potentially open to abuse.

executive, has given a formal undertaking that she will take steps to improve the council’s IT security.

The data loss happened when a laptop – which contained personal data on children and young people in Wigan’s schools and which was

The council only revealed details of the loss in March.

As part of the undertaking with the ICO, Wigan council is now ensuring all of its portable computers and mobile devices used to

trained in the appropriate storage and use of personal data.

Commenting on the ruling, the ICO’s head of enforcement, Sally-Anne Poole, said: “I strongly advise organisations to avoid instances where employees can download large volumes of personal information.”

“This incident could have been averted if the data was simply accessed from the main council computer network. Storing information on portable devices is unnecessarily risky.”
