Heathrow Airport has been slapped with a £120,000 fine by the Information Commissioner’s Office for “serious failings” in securing personal data held on its systems.
The breach came to light after an employee lost a USB stick in October last year, which contained personal data of some individuals including staff, and was not encrypted or password protected. The member of the public viewed the material it contained at a local library.
“Data Protection should have been high on Heathrow’s agenda. But our investigation found a catalogue of shortcomings in corporate standards, training and vision that indicated otherwise,” ICO director of investigations, Steve Eckersley said.