Could human error be the cause of many data loss cases?

Data loss breaches which have been recorded in the US could be caused more because of human error than the work of cyber thieves, new research has highlighted.

According to statistics by the Software Advisor, around half of the 288 HIPAA breaches listed on the US Department of Health and Human Services' website were caused by physical theft.

Just 16 per cent of these attacks were blamed on unauthorised access to the data, while another 14 per cent were found to have occurred due to incidents of carelessness, such as a laptop being misplaced.

Hacking itself was found to have only been a factor in six per cent of the cases studied, despite widespread concern over this issue.

In the UK, the NHS has found itself in a data loss incident of its own, after a laptop went missing containing the medical records of millions of people, according to The Sun.

A source warned: "This laptop would be a devastating tool in the hands of a blackmailer."

Travelodge details data loss attack

Well-known hotel chain Travelodge has been caught up in an apparent data loss incident, those concerned about their online file security procedures may want to note.

The company has revealed that is indeed investigating a breach which has focussed on its customer list.

People who have used Travelodge's online portal have been sent a warning as a result of the hack, urging them to be wary of spam emails relating to the chain.

Although information regarding the incident is still thin on the ground, it appears that only a few individuals have been caught up in the breach, while financial data and payment details of customers are said to be secure.

Travelodge is one of the most well-know hotel chains in the UK, with around 400 accommodations currently found in the UK.

Last year, the firm noted that nine million people had stayed in one of its rooms, with 87 per cent booking up their reservation over the internet.

Prevent data loss 'with company-wide online storage solutions'

Company owners have been told that they could help to prevent data loss by getting the whole organisation involved in implementing online storage methods.

This is the view of Steve Holford, marketing director at Fasthosts Internet, who pointed out that everyone at a company should become knowledgeable on the right way to transfer files and then storing then as encrypted.

"An online solution means that employees are maintaining consistent levels of security, that the risk of physical loss is greatly reduced, and that threats from personal computers are minimised," he explained.

His advice comes soon after a study carried out by Fasthosts Internet found that one in four people with office jobs are currently participating in at least one 'data security sin'.

This includes leaving laptops unattended in public places and losing a USB device, which could each result in data loss if placed into the wrong hands.

According to a recent report in The Sun newspaper, an unencrypted laptop that has medical details of around eight million people has been lost from an NHS building.

Mobile devices 'should be protected from data loss'

In order to cut down the risk of data loss via mobile devices, Juniper Research has urged Brits to secure their products.

The organisation has stated that many more people are now accessing emails and paying for goods via their smartphones.

As a result, actions should be taken to make sure that the sensitive information being stored on a mobile phone is protected from the grasp of cyber criminals, Juniper Research advised.

"Similarly, as both consumer and enterprise adoption of tablets has risen following the success of Apple's iPad, there is a pressing need to provide security solutions for your devices," the source added.

Juniper Research's comments come soon after a study by Orion Storage found that 41 per cent of those surveyed had unprotected information available on their mobile devices.

Furthermore, 19 per cent admitted that they were caught up in a file security breach as a result of portable products being misplaced.

Lulz Security breaches data security of porn website

Lulz Security has been targeting a wealth of established companies and organisations to show file security vulnerabilities.

One of the latest attacks by the infamous group is an attack on adult content portal Pron.com, which saw 26,000 email addresses and passwords compromised.

Included in these accounts were six cases where people had signed up to the page using either government or military addresses.

Commenting on this particular issue, Lulz Security acknowledged that "they are too busy fapping to defend their country".

To add further insult, Lulz Security attempted to get people who follow the group over Twitter to use the emails and passwords to log into Facebook and post on accounts.

However, Facebook countered this particular effort by matching up email accounts onto its database and subsequently resetting any affected passwords.

In the last few weeks, Lulz Security has claimed to have carried out breaches on such well-recognised businesses as Sony Pictures and NHS, though the latter was done more to help the organisation than to harm it.

Surrey County Council fined for three data loss cases

Surrey County Council has been rapped by the Information Commissioner's Office (ICO) after a series of data loss incidents.

The local authority was dealt with a £120,000 fine as a result of breaching the Data Protection Act on a number of occasions.

Firstly, in May 2010, the council made an error when it sent out emails showing the mental and physical health information of 241 people to the wrong recipients.

The following month, Surrey County Council was once again caught up in a data security row, after sending an email with personal information of a number of people to 100 individuals who were on the list to receive the institute's newsletter.

January 2011 saw the third major breach conducted by the council, this time when its Children Services department sent confidential data to the incorrect internal group email list.

Recently, the ICO detailed that Somerset County Council had breached the Data Protection Act when it delivered a teenager's social service assessment to the wrong family.

GP practices warned about their file security measures

Brits have been told of the concerns over file security that is currently taking place in NHS institutes around the UK.

Alex Teh, the commercial director of Vigil Software, pointed out that many GP practices are taking risks with the handling of personal information.

"In these GP practices, the accounts person is probably the IT person or, if they're lucky and they're big enough, you have one general support engineer rather than an IT security specialist who knows what he's doing," Mr Teh acknowledged.

He added that this is "the main concern" as it is then these individuals who are then in control of posting out recommendations of a surgery visit, as well as gaining access to medical records, which could cause problems if misplaced or lost.

The expert's warnings come soon after an IDC (International Data Corporation) Health Insights survey illustrated that the biggest threat to file security in the minds of around 20 per cent of healthcare firms in Europe, the Middle East and Africa was human error or accidents.

LulzSec claims to have breached Sony Pictures

Sony appears to have been caught up in yet another file security attack, if claims by one hacking group are to be believed.

LulzSec has acknowledged that it has successfully carried out a breach of SonyPictures.com, the Japanese technology giant's online TV portal.

Through the attack, the infamous group has said that it has been able to grab personal data for one million accounts.

Such information includes home addresses, passwords, email addresses and dates of births of users, according to LulzSec.

Furthermore, it claims to have also obtained data regarding 75,000 music codes, as well as 3.5 million music coupons.

LulzSec was reported to have used an unencrypted database to grab the information, in which the group stated: "This is disgraceful and insecure: they were asking for it."

As a result of Sony's new file security breach, the Daily Telegraph has told readers to change any passwords that are the same as that on Sony Pictures, as well as view bank accounts for any unusual activity.

Brits told of 'file security problems on smartphones'

Businesses that are fearful of data loss cases have been told to be aware of the security issues attached to smartphones.

Con Mallon, director of regional product marketing at Norton, pointed to his own smartphone as an example of a device that now has as many hardware features as a computer did just a few years ago.

However, he believes that too many individuals are failing to see their device in the same light as older technology, thus leaving their phone's file security at risk.

"By and large more PCs have some form of security software running on them, by and large the majority of mobiles do not," Mr Mallon explained.

As a result of this, he noted that hackers could find it "much easier" to gather data from a smartphone today then via a computer, an issue company owners should be aware of.

His warnings follow on from the recent prediction by Neil Rimer, co-founder of Geneva-based fund Index Ventures, that mobile security will be a bigger industry than that of PCs in the future.

Backup strategies 'important when countering data loss problems'

Businesses that are hoping to enhance their file security strategies have been told of the need to backup their data.

A spokesman for Imperva has acknowledged that this step should be seen as a "very important business requirement" should an outage or data loss event occur.

However, they did admit that there are risks involved with opting for backup strategies too, such as if the backup is stolen or if it is downloaded by an individual without company knowledge.

The spokesman therefore noted: "Proper measures must be in place to either block or monitor malicious activity."

Recently, the issue of IT downtime, which could result in data loss, was highlighted via a CA Technologies study.

It found that in North America and Europe each year, over 127 million hours of employee productivity are lost due to this problem.

To put it in context, this figure is the equivalent of 63,500 people being unable to work for 12 months, the research illustrated.