“With cyber crime constantly increasing in its sophistication, companies cannot underestimate the capabilities of malicious hackers.
“With the FSA having levelled a record fine at Zurich Insurance for data loss only last month, I would expect the ICO to hold up ASC:Law as another example of lax IT security and fine the law firm the maximum amount of £500,000. Taking into account the sensitive nature of the information leaked and the manner in which it has been leaked, this could be interpreted as one of the worst data leaks of all time.
“The firm in question was clearly lax in its information security policies and provision. This is particularly surprising taking into account the likelihood of reprisals from angry file-sharers. If you are a company that is highly likely to be a target of a malicious attack, all sensitive data should be handled with the utmost rigour with robust data handling policies, strict access controls and regular independent security testing.”