The UK has seen yet another of its most recognisable brands, The National Lottery, suffer a data breach.
The National Lottery reported that on 30th November they detected “suspicious activity” on thousands of their accounts. The official figure released is that only 26,500 players have been affected – only a small percentage of their 9.5 million registered users. The personal details of their effected customers retrieved in the attack include:
- Contact details
- Date of birth
- Transaction history
- Account preferences
- Last 4 digits of their registered card number
- Expiry date of card
National Lottery operator, Camelot, stress that there has been no access to core National Lottery systems. This includes any of their databases which would affect draws or the payments of prizes.
Data is the new oil.
Data has become an integral part of everyday business, many refer to data as ‘the new oil’. In truth it shares many a similarity – its use has now become so woven into modern day business its hard to image what it was like before these powerful and cutting edge insights were available to a business.
However, oil is also highly volatile. The processes of collecting and storing terabytes of data on consumer’s personal details and their behaviour has become heavily scrutinised in recent years with a number of high profile breaches.
Old data protection laws and legislation are no longer enough to protect consumer’s rights. Businesses will now have to comply with new legislation such as the GDPR. Regulatory bodies such as the ICO currently have a maximum fine of £500,000 – only recently handing out a £400,000 fine to TalkTalk for their data breach. Once the the GDPR becomes enforceable in May 2018, businesses can face fines of up to €20m or 4% of the parent company’s annual turnover.
4% of annual turnover for Camelot would result in a £220m fine
Data protection laws are now putting consumers in charge of their information, making it a more serious issue if businesses mishandle their personal data.