Oil giant Shell was unpleasantly surprised when it received news of a database containing contact information of some 170,000 of their workers having been emailed to seven non-governmental groups and one anti-Shell website.
It is still unknown what kind of information the database contains, and Shell has demanded an immediate deletion of the database from every recipient. When it was sent, it was also accompanied by a letter supposedly signed by over 100 Shell staff. One thing that has been mage public is that the information in the database is six months old, giving rise to the speculation that the signed employees are actually disgruntled ex-employees.
According to IT Pro, Shell has initiated an investigation, and so did the UK’s Information Commissioner’s Office. If Shell is found guilty of an offense under the Data Protection Act – if it failed to have adequate security measures in place to keep the data secure – it could be fined.
Fortunately for them, the fines imposed for such an offense have so far rarely surpassed the amount of £5,000 – a laughable sum for a corporation of Shell’s size. But, things are about to change in two months, when new rules will make it possible to exact fines that could reach half a million pounds.