According to information from a report by privacy advocates Big Brother Watch, despite assurances that local government authorities are taking data protection seriously, more than a quarter of UK councils have had systems breached in the last five years.
The report also found that the majority of the successful breaches were caused by the simple and well-known phishing method, pointing to staff as the “weakest link” in terms of cybersecurity and data defence.
The report also references the fact that three-quarters of councils reportedly do not provide mandatory cyber-security training, with 16% not providing any at all.
What this means for Councils?
- A quarter of the councils reviewed had their systems breached
- Three-quarters are not providing mandatory cyber-security training
- 16% of council staff receive no cyber-security training all
- Council staff falling foul of the most basic of cyberattack methods – phishing
It’s clear that councils are still not prepared enough (or at all) for cyber-attacks. With the wealth of information that local authorities and the agencies who work on their behalf have to hold about us, this report makes for damning reading.
Should we be concerned?
Yes, we should.
To give you a practical insight, we deal with a lot of council-related data protection leaks and breaches, and we know just how bad the consequences can be.
From personal information that can be enough to lead to fraud, to sensitive records and information about domestic violence or child abuse cases being leaked, council data protection breaches can be very severe indeed.
An attack every “37 minutes”
The report said that there were 98 million cyber-attacks on local authorities between 2013 and 2017.
This equates to an attack every 37 minutes, statistically.
With local government authorities being hit with what appears to be a continual barrage of cyber-attacks, it’s considerably worrying that some three-quarters of them do not provide mandatory cyber-security training. With the new GDPR legislation coming in to force in May, the fines for data protection breaches can run into the millions.
It will simply be no longer a feasible option to ignore the importance of data protection and cybersecurity.
As a victim of a council data protection breach, what can you do?
If you have been affected by a data protection breach committed by a council, or an agency working on behalf of a local authority, you may have a claim for compensation. Speak to our team in confidence about your options today.