ICO lambasts firm for poor technical knowledge.
A recruitment firm has been reprimanded by the Information Commissioner’s Office (ICO) for leaving the details of nearly 7,500 CVs on its database unsecured on its public website.
The site, Janetpage.com, is a hub for those in the care industry, and the ICO was alerted to the fact that the supposedly secure website for firms seeking staff – where 7,435 CVs were stored – was completely open to anyone visiting the website.
The company was unaware of this error and when alerted to it said it may have been caused by a hack on its system, although no evidence was able to support this.
“At the time of the incident, the data controller believed that the section of the website, in which the CVs were stored, had been hacked by an individual seeking work. However, the data controller has been unable to provide any technical evidence to support this assumption,” it said.