Charities reported 123 data security incidents to the Information Commissioner’s Office in the first quarter of 2019-20, according to the latest update from the regulator.
The ICO has published the latest statistics for how many data breaches were reported between April and June 2019. This shows that charities reported 125 incidents, slightly down on the same period last year when it was 137. The 2018-19 figure was much higher than in earlier years, which the ICO had attributed to organisations complying with new data protection rules.
There were 3,091 incidents reported across all sectors, also slightly down on the same reporting period last year. Charity incidents account for 4 per cent or all reported breaches, which is in-line with previous reporting periods.
The general business sector reported the most incidents (653), followed by health (483) and education (359).
Emailing data to the wrong recipient was the most common type of what the ICO defines as a non-cyber incident and accounted for 17 reports. This was followed by posting or faxing to the wrong recipient (13) and loss or theft of paper left in an insecure place (12).
Cyber incidents accounted for 32 incidents reported by charities.
This included 20 phishing incidents, seven cases where there was unauthorised access and one incident involving malware.