DPP Law Ltd is appealing a £60,000 fine from the ICO after a substantial data breach occurred when a hacker accessed their system using brute-force tactics. The firm reportedly failed to recognize the incident as a personal data breach and delayed reporting it by 43 days. DPP maintains that it adheres to high standards, evidenced by its certifications. However, the ICO found significant gaps in the firm's security protocols, illustrating vulnerabilities that led to unauthorized data access. DPP's appeal aims to contest the ICO’s conclusions regarding its security practices.
DPP Law's case illustrates severe lapses in cybersecurity, with the ICO highlighting failures in security practices that ultimately compromised personal data.
The firm did not categorize the incident as a data breach until informed by the National Crime Agency, showcasing a serious lack of diligence in reporting.
Collection
[
|
...
]