By Stacey Langdown, Data Protection and Education Awareness Manager
Tuesday 28 January is International Data Protection day – an annual celebration to raise awareness of data protection for individuals and organisations.
To highlight it’s importance, two colleagues shared their experiences of personal information being lost or handled badly.
In a previous job, Food Store Manager Harvey Rainbow had his information shared inappropriately.
A colleague asked Harvey to be the guarantor on their rental agreement and due to unusual circumstances, he agreed. When a second colleague made the same request, Harvey said no due to the risks involved.
Despite the refusal, the colleague rang their Lettings Agency and mentioned they’d asked Harvey to be their guarantor. The Letting Agent interrupted stating “Do you mean Harvey Rainbow? Isn’t it great he’s also agreed to be the guarantor for another of your colleagues?”
The second colleague approached Harvey to question why he wouldn’t agree to be their guarantor as he was already doing it for someone else.
Harvey contacted the agency to discuss his information being inappropriately shared. He received an apology, but the damage was done as he’d already been put in an awkward situation with potential to strain working relationships between him and his colleagues.
- In similar situations, discuss the problems with the organisation involved to help them improve and reduce the chances of it happening again. If you’re unhappy with their response, you can also complain to the Information Commissioner’s Office who’ll review the situation
- In work, only share information with people who need to know and perform security checks to make sure they are who they say they are
Tony Flaherty, Information Security Team, told us how a family member fell victim to a phoneline scammer.
They’d received a phone call claiming to be someone from a well-known telecommunications company. As they knew personal details about him, and the background noise sounded like a call centre, he proceeded with the conversation.
Apparently, there was a problem with his router so they needed to access his computer and check it. After giving access, he was told he needed a new router which would cost £100, but they’d transfer money into his bank account to cover the cost.
The caller asked him to check his online banking to confirm they’d made the transfer and the funds had arrived. He saw a credit which looked like it was from the company, but it was for £10,000. He explained this mistake and the caller responded with a panicked “I’ll get sacked, please transfer the money back, I’ll give you the details”.
They provided an account to transfer the money to, which he tried to do, but fortunately his bank blocked it. He was then asked to go to an ATM to take out cash so someone could come and collect it. It was at this stage he realised it was a scam so hung up and began panicking about what had happened.
He called his bank who investigated it for him. The scammers had put malware on his computer which transferred £10,000 from his savings account to his current account, modifying the transaction to make it look like it was from the company. They suggested he had his computer fixed which was an extra cost to him.
Since this event, he’s lost confidence and hasn’t used his computer. Although there wasn’t a large financial impact, there’s been a permanent emotional one.
Top tips :
- If someone unexpectedly rings you claiming to be from a company, insist on calling them back on an official number. You can find these on the company’s official website
- When returning the call, ring from a different phone or make another call in between. Sometimes scammers remain on the line leading you to believe you’re on a new call when in fact you’re not
For work concerns and advice about Data Protection, email firstname.lastname@example.org. If you have any concerns about your own personal information, contact the Information Commissioner’s Office.