ICO issues ‘reprimands’ in private to large data lawbreakers
Blackbaud was given a private slap on the wrist by the UK’s Information Commissioner’s Office (ICO) after paying off criminals who stole users’ financial data from the cloud CRM biz’s servers.
The astonishingly mild sanction was revealed in a Freedom-of-Information response after senior data protection specialist Jon Baines at London law firm Mishcon de Reya asked about reprimands made under the General Data Protection Regulation (GDPR).
Reprimands are a formal expression of the ICO’s disapproval, issued to organisations that have broken data protection law.
Blackbaud was one of 42 organisations given reprimands since GDPR came into force in 2018. While most of those were in the public sector, it included supermarket chains Asda and Morrisons, healthcare provider BUPA, and since-shuttered voice chat app Houseparty.
Source: ICO issues ‘reprimands’ in private to large data lawbreakers • The Register