Casino loses gamblers’ data

Losing the personal data of 26,000 gambling club members - not a good day at the office.

When the Information Commissioner reports on those organisations that have lost personal data it has predominantly been limited to the NHS.

Hospitals records, laptops and memory sticks have all managed to go AWOL and the relevant NHS body has had its knuckles rapped.

But this week the Commissioner has ventured into the exotic world of casinos because one of the country’s biggest gaming companies has put its hands up to losing customer data.

Now it’s one thing losing patients’ blood pressure readings but what sort of data would have been held on the laptop belonging to London Clubs International?

The company [website] owns and operates a string of casinos – five in London, and others in Southend, Brighton, Manchester, Nottingham, Glasgow and Leeds – and is well known for pulling in poker players.

It has now confessed to having had a laptop stolen from the data controller’s premises. The laptop contained personal details relating to around 26,000 people. Although the computer was password protected it was not encrypted.

The Information Commissioner did not serve an Enforcement Notice on the casino chain but the company has signed an undertaking to make sure everything is now encrypted and to bring in other security measures to ensure personal data is protected.

According to the company website the casinos have to comply with EU money laundering rules and so require ID from punters before they are allowed in to gamble.

Here is a copy of the undertaking. [link]