GDPR nightmares before Christmas

The Festive Season is never dull when it comes to data and security breaches...

GDPR nightmares before Christmas
GDPR nightmares before Christmas
Clive Mackintosh
December 13, 2022
Cyber Security

GDPR Representation doesn't take a day off,  the Festive Season is never dull when it comes to data and security breaches.

In December 2021, the ICO fined the UK Government £500,000 for inadvertently publishing online details of its Honours List which contained the personal data of over 1,000 individuals who had been the recipient of an award. 

This included the names and addresses of some very high-profile celebrities. The way the list was able to be published without even the basic consideration for the protection of an individual’s personal data was truly alarming.

In another concerning case, the medical records of patients registered to an abandoned GP’s surgery in Warwick were found dumped in a filing cabinet outside the front door to the surgery. The records contained patients’ names, dates of birth, addresses and confidential NHS ID numbers.

Meanwhile, at the well-known classifieds site, a security researcher was able to gain access to sensitive personally identifiable data of advertisers simply by pressing F12 on his keyboard.

As we also lead up to the Christmas period, the threat of ransomware and other forms of malicious cyber-attacks increases due to increased online shopping activity, office shut down and remote working. With more social activities including office parties and company celebrations taking place it is important to make sure no sensitive data is on screen when any photographs are taken, and that systems and machines are secured when left unattended.

Organisations should have a contingency plan in place to cover for resolving a cyber-attack during the festive period. This could be the best Christmas present it ever receives. An effective Cyber Incident Response Plan will help manage and resolve an attack, help prevent the loss and theft of customer and employee data as well as allow for the continuation of business operations as usual.

Before you finish for Christmas, pause and reflect on who will be looking after the security and protection of your business – after all, Christmas is a time for joy and thanksgiving not for saving your organisation from the brink of a cyber disaster.

GDPR Rep is on a mission to help every business achieve and maintain GPDR representation. If you are looking into how your organisation can fulfil its requirements why not schedule a no-commitment call with a GDPR representative expert today, or get a quote to understand how our value pricing makes compliance simple.

GDPR Representation - get your quote
We use cookies on our site.
GDPREP.ORG would like to use performance and analytic cookies while you visit and browse our site to improve your experience. This means we may collect some of your data and you can read more about our use of cookies here. You can withdraw your consent at any time by emailing us at: View our Cookie Policy for more information.