Experts Insight On Watford Community Housing (WCH) Data Breach

Watford Community Housing (WCH) sent out an unencrypted spreadsheet with 3,544 rows of personal information on its tenants, including names, addresses, dates of birth, religion, sexual orientation, ethnic origin and disability status.  It’s not yet been confirmed if any of these individuals are subject to witness protection orders in court proceedings.

Experts Comments

March 27, 2020
Jan Van Vliet
VP and GM EMEA
Digital Guardian
Email is a vulnerable medium. As this unfortunate data leak shows, even the best IT security tools are not infallible against human behaviour. This incident again reinforces the need for “data centric” security technologies. This would help protect data at source, removing the risk factor associated with human error. If Watford Housing Community had had such technologies in place, it could have prevented this highly sensitive information from being sent without prior approval and prevented.....Read More
Email is a vulnerable medium. As this unfortunate data leak shows, even the best IT security tools are not infallible against human behaviour. This incident again reinforces the need for “data centric” security technologies. This would help protect data at source, removing the risk factor associated with human error. If Watford Housing Community had had such technologies in place, it could have prevented this highly sensitive information from being sent without prior approval and prevented it from being opened by the recipients. All organisations, especially those that handle sensitive personal data, have a duty of care to prioritise data protection and prevent incidents like this taking place.  Read Less
March 27, 2020
Raif Mehmet
Sales Director
Bitglass
To prevent future attacks and safeguard sensitive information, organisations must have full visibility and control over their data. This can be accomplished by leveraging multi-faceted solutions that defend against malware on any app or endpoint, enforce real-time access control, detect misconfigurations, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent data leakage.
March 27, 2020
Samantha Humphries
Security Strategist
Exabeam
Watford Community Housing should be commended for a responsible disclosure and a prompt response, which will make all the difference to maintaining the trust of those affected by this breach. However, it’s important to note here that the reasons behind this breach are relatively unsophisticated and highlight a fundamentally poor operational practice. Sending files over email – particularly unencrypted files – is always risky. This incident shows that if you do this in error, there is.....Read More
Watford Community Housing should be commended for a responsible disclosure and a prompt response, which will make all the difference to maintaining the trust of those affected by this breach. However, it’s important to note here that the reasons behind this breach are relatively unsophisticated and highlight a fundamentally poor operational practice. Sending files over email – particularly unencrypted files – is always risky. This incident shows that if you do this in error, there is no way of recalling that data once it’s been sent. Your only recourse is to politely request that the unintended recipients delete it. Notwithstanding the breadth of technology now available to organisations, email has never been a good tool for sharing personal information. It can all too easily end up in the wrong hands and – as this organisation clearly knows – put you square in the sights of the ICO. With GDPR enforcement still in relatively early days, this small error could add up to a significant financial cost.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.