On 3rd October an employee, who had just been dismissed by the firm, downloaded several folders from drives located on the firm’s server to a private OneDrive account. She did so ostensibly to retrieve her personal documents. In doing so, she also downloaded certain files containing firm and client information.
The data loss was subsequently detected by the firm. The ex-employee was approached and, in the presence of management and information technology personnel, deleted all the downloaded information. Further she signed an affidavit stating that no other individuals had access to the information, that it was not disseminated in any way, and that no copies of the information or physical prints were made.
The firm has accepted her explanation and is satisfied that the data is no longer in her possession or has been disseminated any further.
The incident has been reported to the Information Regulator.