GDPR claims first corporate victims

The General Data Protection Regulation (GDPR) has been in force for less than two months, and already some well-known brands have fallen foul due to data breaches.

Luxury retailer Fortnum & Mason admitted the loss of some 23,000 customer records - which included emails, telephone numbers and delivery addresses of customers who filled out a survey - due to the use of a third-party survey provider.

In a similar breach to that of digital-only bank Monzo, which also used Typeform, an unknown hacker gained access to its server and downloaded the data contained in survey forms.

Meanwhile, Travelodge was also forced to announce that 180,000 personal details of its clients were taken, including date of birth, passport numbers and billing information.

Under the new regulations - which require disclosure within 72 hours of a breach - both companies have had to contact each person whose data has been lost.

Colin Tankard, managing director of data security firm Digital Pathways, commented that if these brands had encrypted their data, they would not need to contact each customer as, under GDPR, if the data is encrypted, it is only the Information Commissioners Office which needs to be advised.

“Already, it seems that many companies are being ‘hit’ with requests regarding the use of personal information, putting huge strain on company resources,” he said. “It’s hard to believe that after months of pre-GDPR consultancy work and reports on what needs to be done, companies have not installed technology that would solve these problems.”

Tankard continued that companies must, automatically, move any personally identifiable data to a secure location, where encryption is applied.

“It seems a ‘no brainer’ to do this, rather than face a huge fine, high costs of managing and notifying thousands of people, as well as handling their subsequent questions, the public disclosure and the bad press.”

    Share Story:

Recent Stories


New Business Frontiers
FStech’s Mark Evans discusses the future of financial services with Liu Jianning of Huawei, covering the limitations that current thinking can impose, how financial institutions can embrace technology to be both agile and resilient, and making space for the organisation to focus on the job of creating innovative business models and on delivering business value for their customers.

The Future of Intelligent Finance
FStech Group Editor Mark Evans sits down with Jason Cao, President of Global Financial Services Business Unit, Enterprise BG at Huawei ahead of its Intelligent Finance Summit which was held on 3rd and 4th of June in Shanghai. This Q&A delves into key trends in digital transformation of the financial services industry as well as a look at how data, robotic infrastructure, intelligent storage and innovative technologies are shaping the future for FSIs.

Cracking down on fraud
In this webinar a panel of expert speakers explored the ways in which high-volume PSPs and FinTechs are preventing fraud while providing a seamless customer experience.