You are here:  
  1. Home

Data Breaches

Need to report a data breach? Use the Breach Log.

This best practice area pulls together all our relevant content on data breaches.

This includes:

  • Data Breach Procedure
  • e-learning and drip-feed posters
  • FAQs
  • Links to other relevant best practice

Data breaches should be kept at the forefront of your data protection planning, as they can result in the most disruption and harm.

Why?

The GDPR introduced a duty on all organisations to report certain types of a personal data breach to the relevant supervisory authority (The ICO). This must be done within 72 hours of becoming aware of the breach, where feasible:

  • If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, individuals must also be informed without undue delay;
  • Organisations should ensure they have robust breach detection, investigation and internal reporting procedures in place. This will facilitate the decision to notify the ICO and/or the affected individuals;
  • Organisations must also keep a record of any personal data breaches, regardless of whether they require notification to the ICO.

Always log your data breaches and get in touch with DPE if you require urgent assistance at This email address is being protected from spambots. You need JavaScript enabled to view it.

Examples of breaches

 

  • Loss or theft of paper records or loss or theft of equipment on which data is stored, e.g. a laptop, mobile phone, tablet device or memory stick;
  • A letter or email containing personal and/or confidential data sent to the wrong address (including internal staff or third parties) or an email to an unauthorised group of email boxes;
  • Personal data disclosed orally in error in a meeting or over the phone – including “blogging”, where information is obtained by deceiving The Organisation or where information has been disclosed without confirming the true identity of the requester;
  • Unauthorised access to information classified as personal or confidential, e.g. attaching documents to an outlook diary appointment that is openly accessible;
  • Posting information on the world wide web or on a computer otherwise accessible from the Internet without proper information security precautions;
  • Sensitive information left on a photocopier or on a desk in County Council premises;
  • Unauthorised alteration or deletion of information;
  • Not storing personal and confidential information securely;
  • Not ensuring the proper transfer or destruction of files after the closure of offices/buildings, e.g. not following building decommissioning procedures;
  • Failure to safeguard/remove personal data on office equipment (including computers and smartphones) before disposal/sale.

 

Examples of Breaches caused by IT Security Incidents:

  • Unauthorised access to IT systems because of misconfigured and/or inappropriate access controls;
  • Hacking or phishing attacks and related suspicious activity; 
  • Virus or malware attacks and related suspicious activity; 
  • ICT infrastructure-generated suspicious activity;
  • Divulging a password to another user without authority.

Best Practice UpdatesTammy Buchanan -
Some of our customers have been affected by the data breach reported by the HCRG Care Group.  The group is currently investigating claims by a ransomware group that more than two terabytes of sensitiv...

Best Practice UpdatesTammy Buchanan -
The ICO has published a report today about 'learning from the mistakes of others'.  Given that cyber security is a crucial part of protection information and it is important to note that security brea...

Best Practice UpdatesTammy Buchanan -
During our data walks and when talking with customers, we see a lot of personal data that has been removed from its original system.  This article discusses the benefits of keeping data in it's a orig...

Best Practice UpdatesTammy Buchanan -
While visiting organisations during our data walks we will have a conversation with you about how printers are used in your organisation, we will discuss access controls and have a look around the pri...

Best Practice UpdatesTammy Buchanan -
The Misbourne School in Great Missenden had to partially shutdown in January due to a cyber attack.  The attack significantly affected its infrastructure and operations.

Best Practice UpdatesTammy Buchanan -
Security researchers and computing blogs are reporting 'the mother of all breaches' in reference to a data breach where billions of records have been breached.  The dataset doesn't come from one singl...

Best Practice UpdatesTammy Buchanan -
A number of schools have reported a data breach by ClassCharts this week.  ClassCharts is school management software that allows teachers to create a customisable classroom seating chart.  It can also...

Best Practice UpdatesTammy Buchanan -
Understanding where your data is stored is crucial for both records management (data retention) and retrieving personal data in cases of Subject Access Requests.  This article looks at where Microsoft...

Best Practice UpdatesTammy Buchanan -
If you think someone is trying to trick you into handing over money, personal details or a change of salary information........ there is a way to report this with Stop Scams UK.

Best Practice UpdatesTammy Buchanan -
The ICO has recently published a reprimand for a multi academy trust.  The reprimand was issued in respect of Articles 5 (1) (f) and 32 (1) (b).  An unauthorised third party utilised compromised crede...

Best Practice UpdatesTammy Buchanan -
During our data walks we are looking at data breach risks, in terms of 'Who has access to what data?'.  As part of our walk we may ask who has access to the school other than the employees and childre...

Best Practice UpdatesJames England -
Here's a little fun. It's our not-so-good friend Harry the Hacker. He's all over the place...can you find him?

Best Practice UpdatesTammy Buchanan -
A reprimand has been issued by the ICO to Parkside Community Primary School in relation to the infringements of Article 5 (1)(f), Article 24 (1) and Article 32 of the UK GDPR. This article discusses t...

Best Practice UpdatesTammy Buchanan -
This article lists the ways that Data Protection Education can be contacted for general data protection queries, data breaches, subject access requests and freedom of information requests.

While all ou...

Best Practice UpdatesJames England -
We've recently had more than one breach reported where physical files have got lost in the post.

In such cases, the sender remains the data controller and is responsible for ensuring that the optimum d...

Best Practice UpdatesE-learning Manager -
From the Information Commissioner's Office blog:

A former headteacher has been fined in court for unlawfully obtaining school children’s personal data from previous schools where he worked.

Information/Cyber SecurityTammy Buchanan -
The Government recently published the Cyber Security Breaches survey 2024. The survey has an annex which includes findings from samples of UK educational institutions.

Information/Cyber SecurityTammy Buchanan -
A summary of the government Cyber Security Breaches 2024.  It is an official set of statistics produced by the Department for Science, Innovation and Technology in partnership with the Home Office. Th...

Information/Cyber SecurityTammy Buchanan -
We have previously reported how the Rhysida Ransomware has focused on attacking the education sector.  Recently the CISA, FBI and MS-ISAC have released a new joint Cyber Security Advisory to dissemina...

Information/Cyber SecurityTammy Buchanan -
As a data protection officer we are seeing a rise in the number of cyber attacks on organisations.  We often find that the fact an actual crime has been committed is sometimes overlooked in the panic ...

Information/Cyber SecurityTammy Buchanan -
Recently the ICO reprimanded a company that suffered a ransomware attack.  The attack resulted in a data breach - learning lessons from real-life incidents is a valuable way to promote knowledge shari...

Information/Cyber SecurityTammy Buchanan -
The ICO has recently published new guidance about bulk email communications following a number of data breaches caused by the incorrect usage of CC and BCC (carbon copy and blind carbon copy). 

Emails...

Information/Cyber SecurityTammy Buchanan -
Surrey Police are investigating a fraud and computer misuse allegation at AQA, England's largest exam board which follows the recent data breach reported by Cambridgeshire Policy into a data breach wi...

Information/Cyber SecurityJames England -
This article was originally published in January 2023, but has been updated with some additional information, following further ransomware attacks on schools in the UK. Highly confidential documents f...

Information/Cyber SecurityTammy Buchanan -
Manchester University was hit by a cyber attack last week, with the possibility that personal data was stolen by the attacker.  A statement was made on their website by Patrick Hackett, Registrar, Sec...

Information/Cyber SecurityTammy Buchanan -
This article is about a recent cyber attack on Leytonstone School.  The school in Waltham Forest has been closed since half term after it was targeted and a significant amount of personal data was acc...

Information/Cyber SecurityTammy Buchanan -
This article is about cyber attacks and data breaches that may go unreported due to the misconceptions about how organisations might respond to them.  The NCSC recently published an article about why ...

Information/Cyber SecurityTammy Buchanan -
The Cyber Security Breaches Survey is a research study for UK cyber resilience, aligning with the National Cyber Strategy.

The full report is here: Cyber Security Breaches Survey 2023

There is a separat...

Information/Cyber SecurityTB -
With the increase in Cyber crime against schools in the UK we are focusing in on what can be done to help prevent cyber crime in a way mangeable for school budgets.

 

Information/Cyber SecurityJames England -
 By changing the culture of email use within an organisation will not only benefit the organisation towards GDPR compliance and beyond, it will also save a significant amount of time by reducing staff...

What are the immediate steps we need to take if there is a breach?

What do we do if we are made aware of a breach that happened in the past?

What do we do if we had a data breach from a cyber attack?

What processes should we follow if data has been exposed due to being hacked?

What types of data would constitute personal and therefore a possible breach?

Have a question about data breaches? Ask it here.

Please use this for generic questions about breaches and breach procedures.

To report a data breach - use the Breach Log

To contact use about an urgent or specific query contact us using: This email address is being protected from spambots. You need JavaScript enabled to view it.

Invalid Input
Invalid Input
Invalid Input
Invalid Input
©2025 Data Protection Education Ltd.

Search

  • News