Reply to post:

Morrisons is to blame for 100k payroll theft and leak, say 9,000 workers

Pier Reviewer

Not exactly rocket science this one. Morrison’s be screwed. Can’t blame them for arguing the case, but they won’t win it. Schedule 1 Data Protection Act 1998 provides :

“Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.”

Appears the only reason he had the data was to pass it on to the external auditors. Should have been encrypted at rest so he could pass on the data, but couldn’t access it himself. Morrison’s failed to take appropriate measures. Yet another case of security controls being bypassed or not deployed because it makes life a bit more difficult. As a result control of 100k people’s data is lost.

The only good news for Morrison’s is it pre-dates GDPR.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon