UK Ministry of Defense Loses Hard Drive Containing Data on 700,000UK Ministry of Defense Loses Hard Drive Containing Data on 700,000
Officials still not sure whether drive was stolen or misplaced
October 10, 2008
A hard drive containing personal information on about 100,000 of the British armed forces -- as well as approximately 600,000 potential recruits -- has gone missing from a contractor's location.
The U.K. Ministry of Defense confirmed yesterday that the drive did not turn up in an audit of systems at the offices of its contractor, EDS, in Hook, U.K. The drive contains about 1.5 million pieces of information, including some bank and drivers license details, passport numbers, addresses, dates of birth, and telephone numbers.
"On Wednesday, October 8, we were informed by our contractor EDS that they were unable to account for a portable hard drive used in connection with the administration of Armed Forces personnel data," said a spokeswoman from the MOD. "This came to light during a priority audit EDS is conducting to comply with the Cabinet Office data handling review. The MoD Police are investigating this matter with EDS."
Investigators do not yet know whether the drive was lost or stolen from the EDS "secure" location. The spokeswoman would not confirm whether the data on the drive was encrypted or not.
Just over a week ago, another drive containing data on about 50,000 service personnel was stolen from a Royal Air Force location in Gloucestershire. (See Theft at RAF Facility Endangers Personal Data of 50,000.) In August, the U.K. Ministry of Justice lost data on about 45,000 individuals when a laptop was lost.
Nick Lowe, regional director for Northern Europe said: “Less than two weeks ago, unencrypted data was stolen on portable hard disc drives [from] an RAF base, and now we have possibly the biggest ever data loss from the MOD -- again from misplaced portable drives.
“When will organizations realise that the security of detailed, personal data of this kind cannot be left to chance?" Lowe wondered. "Portable disks and data cannot be left unprotected by automatic encryption, because they will go missing, be misplaced, or get stolen.” — Tim Wilson, Site Editor, Dark Reading
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023