Another Data Security Meltdown!
It would seem that the lessons which should have been learnt from the loss of sensitive data of people claiming child benefit were not learnt at all. Revenue and Customs lost disks containing personal details in the post, back in November 2007.
See our article on this:
http://www.eximium.net/blog/index.php/2007/12/it-advice-bedfordshire/
An investigation into another case of sensitive data not being protected began on Tuesday. The Government launched the investigation after a laptop containing the bank details of over a million people was sold on eBay for just £35!
Andrew Chapman, an IT manager bought the laptop and found that it contained customers’ credit card applications, account details, signatures, mobile phone numbers and mothers’ maiden names. Natwest Bank and The Royal Bank of Scotland have confirmed that their customer’s details are among the details found.
The computer belonged to a former employee of the company, Graphic Data, who digitally store information for a number of British banks and Building Societies. He placed it for sale on eBay, without erasing the sensitive data stored within it. A spokes person for Graphic Data said the company did not authorize the sale of the computer.The identity of the seller of the laptop has not been disclosed and Graphic Data and eBay have also launched investigations.
All this on top of the admission by the Home Office that it has lost 43 laptops and 94 mobile phones in 3 years.
The catalogue of losses are as follows;
August 26 2008: The sale of the laptop on eBay for £35.88.
August 22 2008: A memory stick containing details of 127,000 criminals in England and Wales is lost, including the names, addresses and dates of birth of 33,000 persistent offenders.
July 18 2008: Ministry of Defence admits that 658 laptops have been stolen and 89 lost in four years. Only 32 were recovered. It also admitted to losing 26 portable memory sticks since January 2007, with 19 of them classified as secret.
January 19 2008: A Royal Navy officer had his laptop stolen in Birmingham, containing the bank and passport details, National Insurance numbers, doctors’ addresses and family information details of 600,000 potential armed forces recruits.
January 18 2008: Details of benefit claims, mortgage payments and photocopies of passports were found on a roundabout in Devon. Other confidential data had been found at the same location before in November 2007.
December 23 2007: Nine NHS trusts admitted to losing patient records. In one case they lost the names and addresses of 160,000 children.
December 17 2007: The details of 3 million candidates for the driving theory test were lost in transit in Iowa.
December 11 2007: Two non-encrypted computer discs containing the names and addresses of 7,658 Northern Ireland motorists were lost.
November 20 2007: The two computer discs holding details of 25 million people including 7.25 million families receiving child benefit were lost.
When will the lessons finally be learnt? They are there for all to see and it would seem that they will be for a long time to come yet.
This entry was posted on Wednesday, August 27th, 2008 at 2:48 pm and is filed under Articles, Business Advice, Data Security, IT Advice . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
December 21st, 2008 at 9:53 am
These security problems are on the riseand what ever we do to stop it and make new codes the more the hackers are involved in breaking these codes.
August 25th, 2009 at 1:45 pm
Very sad to hear about such a loss, I wonder if those families still have managed to redeem their child benefit plans !