What exactly is data loss?
I am really confused by this article . The UK operation of Zurich Insurance has been fined £2.27m by the Financial Services Authority (FSA) for losing personal details of 46,000 customers. What is "losing"? Did the data get accidentally deleted? Or was it accidentally leaked to, or stolen by, miscreants? "Lost" data implies deletion - say, a disk failed and the backup was faulty. Not an uncommon occurrence, and you might need to ask your customers to confirm their details to you again. But: "The firm also failed to ensure that it had effective systems and controls to prevent the lost data being used for financial crime." Also, they were penalised over £2 million for the loss. Both of these imply that someone else actually got the data. But how do they know it went? Zurich said that it had no evidence the data had been misused. So it's very unlikely that they somehow discovered a third party had copied it. And yet, the comment on the case from a ...