ICO warning as business fined £60,000 following cyber attack

11th July 2017

The Information Commissioner’s Office (ICO) is warning SMEs to take care or face a fine. The warning comes after a company which suffered a cyber attack was fined £60,000.

The investigation by the ICO found Boomerang Video Ltd based in Berkshire failed to take basic steps to stop its website being attacked.

Sally Anne Poole, ICO enforcement manager, said:

Regardless of your size, if you are a business that handles personal information then data protection laws apply to you.’  

‘If a company is subject to a cyber attack and we find they haven’t taken steps to protect people’s personal information in line with the law, they could face a fine from the ICO. And under the new General Data Protection Legislation (GDPR) coming into force next year, those fines could be a lot higher.’

‘Boomerang Video failed to take basic steps to protect its customers’ information from cyber attackers. Had it done so, it could have prevented this attack and protected the personal details of more than 26,000 of its customers.’

Further details of the case can be found using the links below together with guidance on data protection issues including guidance on the new General Data Protection Regulations which come into effect on 25 May 2018.

Internet links: ICO news ICO report Boomerang data protection reform updated toolkit for SMEs

Blog content – Mercia-Group

Other items in Blogs
Harriet Sim
22nd October 2021 Self Assessment late payment penalties

HMRC are now issuing six month late payment penalty notices, as the due date for 2019/20 tax payments was over seven months ago (includes consideration to the additional months extension as a result of the pandemic). Taxpayers facing financial difficulties due to the impact of COVID-19 may have entered into a time to pay arrangement…

Nick Edgley
21st October 2021 Holiday lettings – declare to HMRC

If you own a UK holiday let are you declaring your rental profits to HMRC? If not time may be running out to make a voluntary disclosure of past profits.   HMRC has the power to request information, or documents, from third parties such as holiday booking sites; as well as being able to search…

Keri John
20th October 2021 Xero – Assigning Bills to Customers

You can now assign bills to customers in Xero!   This makes it easier to allocate expenses occurred during a job to the correct customer.   Perfect for Estate Agents, event planners and more.   When creating a bill to pay onto Xero there is an option to ‘assign the bill to a customer’. You…

Jake Day
20th October 2021 Minimising Your IHT Exposure

As Benjamin Franklin once said; the only two certainties in life are death and taxes. Although it’s a sombre subject, it is important to put in place the right planning so that when we are hit by one, we can avoid the other. We want to ensure we are able to leave as much of…

Paul Jefferson
19th October 2021 VAT Registration

A business must compulsorily register for VAT if taxable 12 month turnover exceeds £85,000. They can voluntarily register for VAT as soon as they start trading, providing they expect to make taxable supplies in the future.   Businesses that provide to other businesses may choose to register for VAT voluntarily before the registration threshold is…

Sharon Mace
13th October 2021 VAT DIY Scheme: HMRC update list of allowable expenses

There has been some controversy on claims made on DIY building schemes. HMRC have updated their guidance on goods and services that can be claimed under the VAT DIY Housebuilders’ Scheme.   The list is extensive and gives an ABC of items that are allowed, from Agas to woodworm treatment – but there’s a catch,…