With the EU's GDPR coming into effect in less than two years, ignorance of ‘hidden' data could result in monstrous fines for UK companies, according to new research from Ground Labs.
The research adds that such ignorance could increase risks of identity fraud with the billions of personal information residing on PCs, servers and mobile devices.
In the last six months, Ground Labs has identified files such as birth dates and card numbers that were ‘thought to be deleted' in 92 percent of interactions with UK companies. Partially deleted files or ones hidden in automatic backups known as ‘shadow copies' also pose a risk.
“With the imminent arrival of GDPR
and the enormous financial risks, most companies simply cannot afford to ignore hidden threats. In the past, companies have relied on non-specific qualitative data sources which were often ignored,” said John Cassidy, VP EMEA, Ground Labs.
With hacking techniques becoming more sophisticated every day, adults in the UK face great risks as the exchange of multiple types of identity proof on the phone and internet create an unsecure reserve of actionable data on hundreds of thousands of business hard drives through all levels of a complex IT infrastructure.
“This is a serious issue for thousands of organisations across all sectors – from financial institutions to retailers, charities, hospitals and hotels. In over 50 percent of cases, the data that we find is stored without reason, often unintentionally. This means that the data is not being stored securely and is easy enough for would-be hackers to locate. The issue is that much of this data is overlooked, hidden within various file types or assumed to be deleted. It's a digital game of hide-and-seek but we definitely have the upper hand,” said Cassidy.