
![]() |
Brian Sims
Editor |
Home> | Security | >IT Security | >Estate agency fined for failing to protect data |
Estate agency fined for failing to protect data
23 July 2019
THE INFORMATION Commissioner’s Office (ICO) has fined a London estate agency £80,000 for leaving 18,610 customers' personal data exposed for almost two years.

The security breach happened when Life at Parliament View Ltd (LPVL) transferred personal data from its server to a partner organisation and failed to switch off an ‘Anonymous Authentication’ function. This failure meant access restrictions were not implemented and allowed anyone going online to have full access to all the data stored between March 2015 and February 2017.
The exposed details included personal data such as bank statements, salary details, copies of passports, dates of birth and addresses of both tenants and landlords.
During its investigation, the ICO uncovered a catalogue of security errors and found that LPVL had failed to take appropriate technical and organisational measures against the unlawful processing of personal data. In addition, LPVL only alerted the ICO to the breach when it was contacted by a hacker. The ICO concluded this was a serious contravention of the 1998 data protection laws which have since been replaced by the GDPR and the Data Protection Act 2018.
Steve Eckersley, Director of Investigations at the ICO said, “Customers have the right to expect that the personal information they provide to companies will remain safe and secure. That simply wasn’t the case here.
“As we uncovered the facts, we found LPVL had failed to adequately train its staff, who misconfigured and used an insecure file transfer system and then failed to monitor it. These shortcomings have left its customers exposed to the potential risk of identity fraud.
“Companies must accept that they have a legal obligation to both protect and keep secure the personal data they are entrusted with. Where this does not happen, we will investigate and take action.”
- Suspended sentence for unlicensed door supervisor
- Lincolnshire firefighters issue kitchen fires warning
- City of London Crime Prevention Association and London Fire Brigade launch Project Kestrel for front line security personnel
- From the editor - June 2019
- Registration opens for CYBERUK 2020
- Fire and Security Matters Awards: Final entry deadline
- BSI revises test method for fire performance of external cladding systems
- The Security Institute outlines digital plans for 2020 Annual Conference
- Finance teams deliberately targeted as ‘e-mail hijack attacks’ rise by 22%
- ONS review points towards male security officers having highest COVID-19 death rates
- From the editor
- Blog for FSM website
- Information Commissioner makes key appointments
- BSIA forges closer American links ahead of Brexit
- Fire and Security Association names new chair
- Government wants mergers regime update to protect national security
- Chain wrestling
- Intersec 2018 preview
- Leading brands supporting new Security Event at NEC
- Leading security companies support launch of new security event at the NEC