Gassing StationThe Pie & PistonNews, Politics & Economics
British Library / PLR ransomware attack, data now for sale
PistonHeads » Gassing Station » The Pie & Piston » News, Politics & Economics
British Library / PLR ransomware attack, data now for sale
My ProfileMy PreferencesMy Mates
SearchMy Stuff
What's New3122472
Reply
OP Posts Only
OP Posts Only
Reply
OP Posts Only
Author
Discussion

turbobloke

Original Poster:

115,428 posts

282 months

[report]
[news]
Wednesday 29th November 2023
quotequote all

hidetheelephants

33,285 posts

215 months

[report]
[news]
Wednesday 29th November 2023
quotequote all
turbobloke said:
Includes passport scans apparently.

https://www.bbc.co.uk/news/entertainment-arts-6754...
Why does the BL store passport scans? That seems like a pointless GDPR risk.

IroningMan

10,598 posts

268 months

[report]
[news]
Wednesday 29th November 2023
quotequote all
hidetheelephants said:
Why does the BL store passport scans? That seems like a pointless GDPR risk.
Employee proof of right to work in the UK, presumably?

hidetheelephants

33,285 posts

215 months

[report]
[news]
Wednesday 29th November 2023
quotequote all
IroningMan said:
hidetheelephants said:
Why does the BL store passport scans? That seems like a pointless GDPR risk.
Employee proof of right to work in the UK, presumably?
Once they've had sight of the document or a scan recording the passport number should be enough, it's an unnecessary risk retaining pointless data that needs to be secured.

Countdown

46,906 posts

218 months

[report]
[news]
Wednesday 29th November 2023
quotequote all
hidetheelephants said:
Once they've had sight of the document or a scan recording the passport number should be enough, it's an unnecessary risk retaining pointless data that needs to be secured.
I’m pretty sure HMRC requires the employer to keep a photocopy of the document.

hidetheelephants

33,285 posts

215 months

[report]
[news]
Wednesday 29th November 2023
quotequote all
Countdown said:
hidetheelephants said:
Once they've had sight of the document or a scan recording the passport number should be enough, it's an unnecessary risk retaining pointless data that needs to be secured.
I’m pretty sure HMRC requires the employer to keep a photocopy of the document.
Then HMRC ought to store it then; stupid requirement.

turbobloke

Original Poster:

115,428 posts

282 months

[report]
[news]
Wednesday 29th November 2023
quotequote all
hidetheelephants said:
Countdown said:
hidetheelephants said:
Once they've had sight of the document or a scan recording the passport number should be enough, it's an unnecessary risk retaining pointless data that needs to be secured.
I’m pretty sure HMRC requires the employer to keep a photocopy of the document.
Then HMRC ought to store it then; stupid requirement.
It looks like an unnecessary risk. Since the story broke - possibly coincidentally - I've had an alert from Experian about an email address / password combo being for sale, the pw is fiction (like the others from previous alerts) so a low risk, and I don't use pw multiply anyway so the BL PLR pw is useless.

It's hardly surprising that an email address will make its way to naughty people eventually, but a passport scan is in a different league.
Reply
OP Posts Only
OP Posts Only
Reply
OP Posts Only

Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff