The Home Office’s annual report shows that in 2019/2020 they recorded more than twice as many data breaches than in the previous year. Over the 12 month period, there were 4,229 data breaches recorded, compared to 1,930 the year before – a rise of almost 120%.
The most notable incident, which was reported to the Information Commissioner’s Office (the ICO), involved a “suspected loss” of 2 backup tapes, which contained data from the Home Office’s case working system for entry clearance applications. The said tapes went missing from the British Embassy building in the Serbian capital of Belgrade. In fact, the Home Office cannot confirm when this even took place but estimate that it was ‘between 2014 and 2016’. Therefore it could have been as long as 6 years before the incident was reported to the ICO this year. The Home Office did add that the ‘tapes may have been destroyed without their destruction being recorded and may have been blank’ however an internal investigation was still conducted.
This incident was only 1 of 25 incidents that warranted reporting to the ICO this year. There were a further 10 instances of the loss of data or equipment from outside government premises.
The Report revealed that the largest rise was in the loss of documents, devices, or data from inside secure government premises. Instances of this type of breach increased significantly from 145 to 947.
Since GDPR came into effect in May 2018, the number of data breaches reported to the ICO has continued to increase every year and the public sector is no exception. But the Home Office said that the sharp rise in incidents recorded in its own systems spoke to greater awareness of the relevant regulations and reporting procedures and they hope that they can continue to strengthen awareness and their incident reporting culture.