"It is understood that the incident was caused by human error, but HP has processes in place to prevent these types of outcomes, and it is not known why the person did not follow them."
Which is why you take precautions to prevent human error from causing major problems. Like Data Leakage Protection between your internal and external connections. Something that detects things like National Insurance Numbers and PAN details in an email and blocks it from being sent outside the company without additional authorisation.
FFS Exchange 2013 has some of this built in already, its not hard you know!!!
Biting the hand that feeds IT
