Heathrow Airport Fined by ICO Over Data Breach

Heathrow Airport Fined by ICO Over Data Breach
ICO News

It’s not every day when you see an airport coming under heat for security reasons. London’s Heathrow, one of the busiest airports in the world would be the last place you’d expect to be surrounded by security issues.

Recently, an ICO has fined the airport with £120,000 penalty for a data breach. The airport was accused of “catalog of shortcomings” over failing to secure data.

The investigation was started by the ICO after an airport member found a USB stick. This USB stick was misplaced by a Heathrow employee in October 2017.

The USB drive contained over a thousand files in 76 folders and did not feature any encryption or password protection. This allowed the member to view the contents of the drive at a local library.

Steve Eckersley, Director of Investigations for the ICO said

“Data protection should have been high on Heathrow’s agenda. But our investigation found a catalog of shortcomings in corporate standards, training and vision that indicated otherwise.”

He further commented

“Data protection is a boardroom issue and it is imperative that businesses have the policies, procedures, and training in place to minimize any vulnerabilities of the personal information that has been entrusted to them.”

Although there wasn’t a sizable sensitive and personal data on the stick, the ICO was concerned about a training video which exposed personal details of 10 individuals. The information that was leaked included names, date of birth, passport numbers and details of 50 Heathrow aviation security personnel. 

The leak came to light when its contents were shared with a national newspaper. The news outlet took copies of the data before returning the stick to Heathrow Airport Ltd. (HAL). Once the organization was informed about the leak, standard procedures were followed that including police reporting and hiring of a third-party to monitor the internet and the dark web.

Heathrow’s Security Concerns

The investigation carried out by the ICO found that out of the staff of 6,500, only two percent of HAL’s staff has received formal data protection training.

There were further concerns over the use of removable media which violated HAL’s own policies. This also included inefficient methods to prevent personal data from being used and downloaded onto unauthorized and unencrypted media.

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

South Korea Conducting Survey Over ICOs
ICO News
South Korea Conducting Survey Over ICOs

An increasing number of countries look to regulate the cryptocurrency market. The South Korean government has said that …

Hacker Spends Entire Day Hacking Pigeoncoin
ICO News
Hacker Spends Entire Day Hacking Pigeoncoin

A hacker recently spent an entire day trying to exploit a vulnerability of the Pigeoncoin cryptocurrency to steal …

TD Ameritrade Announces Crypto Exchange
ICO News
TD Ameritrade Announces Crypto Exchange

Even though the cryptocurrency market is seeing a continuous downtrend, it seems that companies cannot stay away from …

Recent Blogs










Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!