Dixons CEO John Browett says staff will be better trained in security procedures

PC World dumped customers’ personal data

Dixons Retail has been rapped on the knuckles by the Information Commissioner’s Office for breaching the Data Protection Act by dumping customers’ financial information in a skip.

A local authority’s health department discovered the eight completed credit agreements in or near a skip outside a branch of PC World. The exact store has not been identified.

The documents, which contained personal and financial information, related to transactions made two years earlier, and had been kept beyond Dixons’ recommended period for holding personal data.

Under the company’s normal procedure, the documents should have been transported in sealed containers to a central facility for secure shredding.

Mick Gorrill, head of enforcement at the ICO, said: “Any organisation collecting and holding personal information needs to ensure that information is kept and disposed of safely and securely. This is an important principle of the Act.

“Making sure data is disposed of securely and not keeping information for longer than is necessary can help to prevent information falling into the wrong hands. Staff need to be aware of policies and it is essential they receive appropriate training to follow them.”

Dixons CEO John Browett has signed a formal agreement to take steps to prevent a similar breach happening again, including a review of security procedures and providing training for staff on complying with security policies.

Check Also

55% of UK businesses now have a CISO, compared to only 25% at the end of 2021

According to Fastly research there has been a Chief Information Security Officers (CISOs) hiring boom …