The Information Commissioner’s Office (ICO) (the UK’s “data regulator”) has fined a small video game rental company £60,000 after failing to take basic action to prevent an SQL injection vulnerability with their website, which led to a data breach and access to customer details.
This latest fine just indicates that any size business is at risk and data protection is not just about how you use personal data for marketing, it’s also about security and website security at that.
You can read the full details of the ICO notice of the fine, here.
Providing cost-effective, simple to understand and practical GDPR and ePrivacy advice and guidance, via my one-stop-shop helpline. I ❤️ GDPR