The Financial Conduct Authority (FCA) has disciplined four members of staff for committing data security breaches.
The financial watchdog gave written warnings to its staff on at least four separate occasions between 2022 and 2023, revealed by a Freedom of Information request.
The regulator reprimanded its staff for “sending FCA data to personal email accounts”, violating its security practices.
“The FCA is tasked with managing extremely sensitive data, and the use of personal email accounts greatly increases the likelihood of a major security breach,” commented Andy Ward, a senior vice president at Absolute Security.
“Against the backdrop of several high profile cyber attacks, it’s vital that all organisations wake up to the very real threat posed by unprotected devices and IT systems, and ensure cyber resilience is at the top of the boardroom agenda.”
Data security has entered the spotlight as major brands from M&S to Harrods face a barrage of cyber-attacks.
“These incidents are unfortunately the tip of the iceberg, with tens of thousands of workers freely sharing corporate information across personal email accounts and AI assistants every day,” added Arkadiy Ukolov, chief executive of Ulla Technology.
“The reality is that most companies have no idea this is happening or the security risks involved. That’s why it’s crucial that robust policies and procedures are put in place, so all information can only be shared through secure channels.”
The FCA in 2020 admitted to accidentally revealing the personal information of over 1,000 consumers in a major lapse in data security.
Other public sector bodies have recently warned of a heightened risk of data breaches. The NHS urged stronger cyber defence practices from its suppliers in an open letter last month.
Register for Free
Bookmark your favorite posts, get daily updates, and enjoy an ad-reduced experience.
Already have an account? Log in
