Data such as names, dates of birth, National Insurance numbers and radiation doses for over a thousand people working for the Welsh NHS was stolen from a private contractor. While the breach was discovered back in October, it was not reported until January. Frankly, long delays like this in reporting is unacceptable. People need to know if their data is exposed so they can protect themselves.
Let this also be a lesson about the importance of 3rd party security and the risk you take when allowing data to be stored/used/collected by contractors or other 3rd parties.