- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Neil Hodge2022-10-24T14:29:00
The head of the U.K. Information Commissioner’s Office (ICO) warned companies not to ignore “crucial measures” to prevent cyber incidents following the regulator’s decision to fine construction firm Interserve 4.4 million pounds (U.S. $5 million) for failing to secure employee personal information.
“The biggest cyber risk businesses face is not from hackers outside of their company but from complacency within their company,” said U.K. Information Commissioner John Edwards in a news release Monday. He added organizations are leaving themselves vulnerable to cyberattacks by ignoring simple measures like updating software and training staff.
The ICO determined Interserve breached the U.K. General Data Protection Regulation (GDPR) by failing to keep the personal information of its 113,000 staff secure when it suffered a ransomware attack. Between March 2019 and December 2020, the ICO said the company, which is in the process of being broken up, failed to take appropriate technical and organizational measures to protect personal data.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
The U.K. Information Commissioner’s Office began publishing the details of cases where organizations breached the General Data Protection Regulation but were not fined. Legal experts share their take on the initiative.
Four senior compliance practitioners share their roles in ensuring data privacy compliance at their respective companies and the other departments that support their efforts.
Discord, a popular communication service primarily utilized by the video game community, was assessed a fine of €800,000 (U.S. $829,000) by the French data protection authority for multiple violations of the General Data Protection Regulation related to safeguarding user data.
Three former executives of Chicago-based Outcome Health, a healthcare technology company, were sentenced for misleading an auditor, clients, lenders, and investors about a scheme to sell $45 million in overbilled advertisements.
A home health company operating in Indiana, Ohio, and Texas agreed to pay nearly $4.5 million to settle allegations it filed false claims by giving sports tickets and other kickbacks to assisted living facilities in exchange for referrals.
Crypto-friendly Silvergate Bank will pay a total of $63 million penalties to California and the Federal Reserve Board to settle charges that its anti-money laundering program failed to properly monitor more than $1 trillion worth of customer transactions.
