Yet another council has been fined by the ICO for failing to comply with data protection laws. This time, it is the Gloucester City Council that left personal information vulnerable to a cyberattack, despite warnings from the ICO. An attacker accessed the council's website in July 2014 and downloaded over 30,000 emails that contained financial and sensitive information about council staff. The ICO investigation found that the council did not have sufficient processes in place to ensure compliance with data protection laws and therefore issued a fine of 100,000.