Great Britain: Interserve fined more than £4 million following employee personal data leak

On 24 October the Information Commissioner's Office (ICO), the independent supervisory body responsible for ensuring data protection, announced it had imposed a £4.4 million (€5.08 million) fine on UK construction company Interserve for breaches of General Data Protection Regulation (GDPR). The UK company is accused of inadequate vigilance that resulted in the theft of the personal data of its 113,000 employees and ex-employees.

Through Jessica Agache-Gorse. Published on 27 October 2022 à 11h08 - Update on 27 October 2022 à 11h08

The events in question took place between 30 March and 02 May 2020. At that time, an employee of the construction group forwarded a ‘phishing’ email to a colleague, which Interserve’s security system neither detected, nor blocked. The employee opened the email and downloaded its contents, resulting in malware being installed onto the employee’s workstation. At that moment the company’s anti-virus system functioned and quarantined the malware but Interserve did not then thoroughly investigate the suspicious activity further.…

Need more info ?


mind's on-demand study service

  • This field is for validation purposes and should be left unchanged.