The Hot Aisle Logo
Fresh Thinking on IT Operations for 100,000 Industry Executives

I am not sure if it increasing awareness about personally identifiable data loss or we are just becoming more careless with personal data but the data loss diary for October 2008 is a real stinker.

10 October – Theft of an MOD laptop containing personal identifiers, passport details, National Insurance numbers, family details and medical records of 600,000 people who had expressed an interest in joining the Royal Navy, the Royal Marines and the Royal Air Force. Included 3,500 bank details too. The security services were involved following fears that the data could be used by terrorists to identify Muslim applicants.

13 October – Theft of a laptop owned by accountants Deloitte containing personal identifiers, salaries, National Insurance numbers and family details of around 5,000 Sky employees who are members of the BSkyB Pension Plan.

24 October – Email sent to 3,396 Leicester Students’ Union members who had applied for an NUS student discount card, which had attached to it the details of all other applicants including personal identifiers, mobile phone numbers and course details.

25 October – Unencrypted laptop stolen from a Lancashire Police officer’s car (whilst he was in it) containing undisclosed crime data, witness statements and officer reports. Actually stolen in March 2007 but uncovered only now following a Freedom of Information Act request.

29 October – Another unencrypted MOD laptop stolen from a parked car outside Army married quarters near the Aisne Road Barracks in Colchester, containing undisclosed data.

30 October – Theft of yet another laptop owned by accountants Deloitte containing personal data of over 150,000 rail workers and pensioners, being the property of RPMI – the body that administers railway pension schemes. Stolen ‘several weeks prior to the announcement to the general public’.

31 October – Patient files lifted by hospital visitor at Wishaw General Hospital who found them unattended. Contains the names and medical histories of an unspecified number of patients at the hospital.

31 October – A memory stick containing 12 million user names and passwords for the Government Gateway – the website that allows businesses and individuals to submit tax returns and to access government services – was found in a Brewer’s Fayre pub car park in Cannock, Staffs. The memory stick was owned by an employee of Atos Origin, which has a 5 year £47m contract to mangage the website. It was reported that the data was encrypted.