Law firm calls for ICO investigation in potential data breaches

The Financial Conduct Authority (FCA), the regulatory watchdog for financial services firms in the UK, has misplaced a total of 323 electronic devices estimated to be worth £310,600 over the last three years, according to official figures. The FCA, which operates independently from the UK government, is financed by charging fees to its members, and last November issued a warning to businesses to ‘be responsible when handling client data’.

Details of the extent of device losses was obtained by niche litigation practice Griffin Law using the Freedom of Information (FOI) Act. The FOI revealed that over the three most recent financial years (FY 18/19, 19/21 and 20/21) hundreds of laptops, tablets, desktops and mobile phones were reported as lost or stolen by FCA staffers.

In the most recent financial year, overall lost devices surged by 369 per cent, with 197 devices being reported missing worth an estimated £193,400. This compares to losses of 42 devices in 2020 worth around £41,500 and 84 in 2019 worth an estimated £75,700.

Tablet computers topped the lost devices list, with 201 lost and 14 stolen across the three financial years, worth an estimated £215,000 in total. A staggering 123 of these devices were reported as lost or stolen in 2021.

Next was laptops, with 88 going missed over the combined period at a total cost of £88,000 – 68 of these incidents occurred in 2021.

Cyber expert Edward Blake, Area Vice President EMEA, Absolute Software comments:

“Managing a large, distributed workforce is no easy task, particularly in the midst of a pandemic, and keeping tabs on valuable devices like laptops is growing increasingly difficult.

“If one of these lost devices ends up in the wrong hands, the FCA could be facing consequences far more severe than the cost to replace them. For example, sophisticated cyber criminals can steal the data contained on these devices, access more businesses files, or intercept emails between colleagues, for the purpose of data theft, monetary gain, high-profile scams, or ransomware.

“Therefore, it is more critical than ever to have a permanent digital connection to every endpoint, as well as the ability to lock, freeze or wipe the device if it is at risk of being compromised.”

Donal Blaney, Founder, Griffin Law said:

“The Information Commissioner needs to investigate the FCA over the loss of sensitive data on these laptops, phones and tablets. There can be no excuse for such carelessness by FCA staff with such expensive gadgets paid for by hard-working taxpayers”.