Littlewoods also gets a rap on the knuckles from the Information Commissioner
By Tim Ferguson
Published: 22 June 2007 14:56 GMT
Orange and Littlewoods have been found to be in breach of the data protection act (DPA) by the Information Commissioner's Office (ICO).
The finding relates to customer details being left open to potential fraud or retained without customer consent.
Orange call centre employees were found to be sharing log-in details for the customer information database, meaning there was no way of knowing who had accessed data.
An ICO spokeswoman said: "It [the database] was potentially open to fraudulent use. It could potentially be quite serious."
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
However, an Orange investigation found no evidence to suggest customer data was disclosed to anyone who shouldn’t have access to it.
As soon as the company became aware of the issue, procedural compliance was tightened and a company-wide communication was sent out reminding employees it was against Orange policy to share log-in details.
Littlewoods were investigated after a customer continued to receive marketing material after requesting their details be removed from the company's database.
In a statement, Littlewoods said the issue affected one individual and was caused by a "clerical error which has now been rectified".
A Littlewoods spokeswoman said: "It's not indicative of a general failure to uphold the general data-protection principles."
Both companies have signed a formal undertaking with the Information Commissioner to comply with the principles of the Data Protection Act.
Paul Skinner, underwriting specialist at Chubb Insurance, said the ICO's ruling should be a "wake up call to businesses throughout the country to adopt stricter measures and working practices to protect confidential data".
If the two companies continue to fail they could be subject to further ICO action which could lead to unlimited fines in the event of the issue reaching a crown court.
For several YEARS I was receiving marketing materi...
Anonymous
Senior Java Developer - London - Financial Services ? Core Java, C++, Spring, Multi-threading A dynamic leading online financial services business ...
ICT Security Specialist/Information Governance/Data Protection Act - Manchester - 24,000 - 33,000 + Benefits We are seeking to recuit an ICT ...
The appointed candidate will know the claims handling world through and through and will be one of the subject matter experts within the ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Is Your Enterprise Architected for Tomorrow's Growth?
Improving IT service delivery through an integrated approach to software asset management...
The Real Reason Executive Participation Creates IT Project Success
Information Management, BPM and Integration: Achieving Cost Efficiency in the Financial...
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
silicon.com staff Inbox: Social networking can help you secure a job Plus: Open source advocates hit back at CIOs and netbooks fail 'fit for work' test
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead