The Risks
AIRBOOK has been designed to solve the problem of mobile data loss by ensuring that corporate information may be remotely viewed and edited without leaving the protection of the enterprise network.
July 23, 2009
To further demonstrate the need for data security in a mobile environment, yesterday HSBC were fined £3m by the Financial Services Authority for loosing clients data.
In addition to fining HSBC £3m, during the past four years the FSA has fined the following banks for data security lapses:
- Capita Financial Administrators £300,000,
- Nationwide £980,000,
- BNP Paribas Private Bank, £350,000,
- Norwich Union £1,260,000 and
- Merchant Securities £77,000.
Read more of from this article
EDS LOSES UNENCRYPTED ARMED-FORCES DATA
October 10, 2008
From ZDNET
IT contractor EDS has lost a hard drive containing unencrypted Ministry of Defence data.
According to press reports, the drive contained sensitive information on approximately 100,000 armed-forces personnel, plus 600,000 potential recruits.
The Ministry of Defence confirmed to ZDNet.co.uk on Friday that a hard disk had been lost by EDS, but would not confirm that the removable hard disk contained personal information.
"On Wednesday 8 October we were informed by our contractor EDS that they were unable to account for a portable hard drive used in connection with the administration of armed-forces personnel data," the MoD said in a statement. "This came to light during a priority audit EDS are conducting to comply with the Cabinet Office data-handling review. The MoD police are investigating with EDS."
EDS told ZDNet.co.uk that the disk was being held in a secure location in premises in Hampshire when it went missing, but was unable to say exactly what data was on the drive.
DATA DISCS ON 18,000 NHS STAFF LOST IN THE POST
September 16, 2008
From COMPUTERWORLD.NET
The NHS has lost four data discs containing the details of 17,990 staff.
The discs were lost in the post in July, having been sent by London-based Whittington Hospital NHS Trust to payroll IT services provider McKesson. Senior management at the trust only become aware of the problem earlier this month.
The trust said a member of staff sent the data through the post instead of by courier, breaking trust policy. The employee has been suspended.
It did not confirm if the data was encrypted, but said it was password protected and “difficult” to crack. It has begun an internal investigation and is in communication with the police and the Information Commissioner. All staff have been notified.
Data lost included the names, birthdates, national insurance numbers, pay and attendance details of staff from the trust, as well as three other trusts: Islington Primary Care Trust, Camden Primary Care Trust, and Camden and Islington NHS Foundation Trust. Whittington manages the salaries of all four trusts.
LOSING PERSONAL DATA TOOK A STEP CLOSER TO BECOMING A CRIMINAL OFFENCE AFTER THE HOUSE OF LORDS BACKED A CHANGE IN THE LAW.
Tuesday April 29, 2008
From ZDNET
Losing personal data took a step closer to becoming a criminal offence after the House of Lords backed a change in the law.
Peers supported an amendment to the criminal justice and immigration bill, which would make it a criminal offence to carelessly release or lose personal data. The amendment, proposed by Liberal Democrat Lady Miller, would make it an offence for anyone to "intentionally or recklessly disclose information" or "repeatedly and negligently" allow information to be disclosed. The amendment must be sanctioned by the House of Commons before it can become part of the bill.
It follows calls by the information commissioner Richard Thomas for the criminalisation of reckless data loss earlier this year. A Ministry of Justice spokesman said it would consider its position on making data loss a criminal offence following the Lords vote. He said: "The government has previously acknowledged that it needs to improve trust and confidence in the arrangements to protect personal data and is currently in the process of doing this." In light of this development, he added the government will now look at the most appropriate course of action. The move towards outlawing the reckless loss of data follows silicon.com's campaign for full disclosure.
IRISH BANK REPORTS STOLEN LAPTOPS
Tuesday April 22, 2008
From Sky News
One of Ireland's largest banks has finally admitted losing the personal details of around 10,000 customers in a spate of computer thefts which happened last year.Four laptops taken from the Bank of Ireland held the names, addresses, bank account details and medical histories of life insurance policy holders.
They were stolen between June and October last year, but the bank only informed the country's data protection authority last Friday.
Bank officials say while the laptops do have security measures, customers details had not been encrypted.
Bank of Ireland's managing director blamed "human error" for the reporting delay.
Read more of this article
BANK LOSES DISC WITH CUSTOMERS' DETAILS
April 07, 2008
From Sky News
Banking giant HSBC faces an inquiry after it admitted losing a disc containing personal information about 370,000 customers.
It went missing after being sent by courier from the group's offices in Southampton to an insurance firm.
The disc contained the names, dates of birth and insurance cover levels of people with life assurance at the bank, generally linked to a mortgage.
Read more of this article
MoD ADMITS INQUIRY INTO 69 LOST LAPTOPS
January 22, 2008
From the Guardian
Richard Norton-Taylor
The Ministry of Defence is investigating the reported loss of 69 laptops and seven personal computers over the past year, officials revealed yesterday, as Whitehall staff were banned from removing laptops containing sensitive data from their offices.
The extent of the lack of security surrounding MoD computers containing un-encrypted information emerged as Des Browne, the defence secretary, announced an inquiry into the latest theft: a laptop containing information on 600,000 people - recruits and those who had expressed an interest in joining the armed forces - which was stolen from a naval officer's car earlier this month.
MUSLIM TROOPS AT RISK AFTER LAPTOP THEFT
January 20, 2008
From the Sunday Times
David Leppard
CONCERNS about the safety of serving Muslim military personnel and recruitswere raised yesterday after it emerged that their personal details were among those of 600,000 people held on a laptop stolen from a Royal Navy officer’s car in Birmingham.
NHS LOSES PATIENTS' DATA ON USB DRIVE
18 Jan 2008
The reputation of the NHS for securely holding information has suffered a further blow after the loss of another 4,000 medical and personal details came to light on Friday.
Stockport Primary Care Trust (PCT) admitted it had not informed the thousands affected after it lost their names, dates of birth and details of medical conditions in December.
The details, which also included NHS numbers and details of GPs, was on a USB drive that was dropped by an employee.
The lapse comes in the wake of the Thousands more UK patients' details lost loss of hundreds of thousands of patients' records by nine NHS trusts in December.
Stockport PCT said it had searched for the missing drive but it had not been found, adding that local GPs and the Department of Health have been informed.
The chief executive of Stockport PCT, Richard Popplewell, said in a statement that the drive did not have a protective cover and had been dropped on a road during a rainy day.
PATIENTS' DATA LOST BY NHS TRUSTS
From the Times Online
24 Dec 2007
Nine NHS trusts have lost the records of hundreds of thousands of adults and children, the government said on Sunday, in the latest embarrassing loss of data by official bodies.
The Sunday Mirror said patient details were lost in 10 incidents at the NHS Trusts.
A CD with the names and addresses of 160,000 children was lost by the City and Hackney trust in east London and records of 244 cancer patients had been misplaced by the Maidstone and Tunbridge Wells Health Trust in Kent, the paper reported.
MILLIONS MORE ID RECORDS GO MISSING
From the Times Online
18 Dec 2007
The records of more than three million British learner drivers have gone missing from a “secure facility” in the US, an embarrassed Government admitted last night.
Labour’s dismal autumn hit another low as, minutes after ministers admitted that they still did not know the whereabouts of two discs holding sensitive information on 25 million people, they were forced to confess they had lost the details of all candidates for the driving theory test between 2004 and 2007.
PATIENT DETAILS LOST AFTER NHS LAPTOP THEFT
17 Dec 2007
Patient records which link to images of individuals' retinas were held on a laptop stolen from a GP's surgery in Wales.
Cardiff and Vale NHS Trust has admitted that a laptop computer was stolen from St Julian's GP surgery in Newport, Wales on 5 November.
Although the laptop does not contain any medical information on patients, it does hold details of clinic lists, which include patients' names, addresses, dates of birth and contact telephone numbers. The record links to an image of the patient's retina and, in some cases, the patient's NHS number is also recorded.
There is some uncertainty around the true scale of the incident, but some 950 patients have definitely been affected by the incident and the trust said it would write to each of them individually.
In a statement issued on Thursday, the trust's chief executive, Hugh Ross, said: "It is possible that further patient records, which were due to be deleted, may still be stored on the computer. The trust has no way of knowing if this is the case unless the laptop can be recovered."
LAPTOP STOLEN FROM CITIZENS ADVICE
10 Dec 2007
A laptop containing client information has been stolen from the car of an employee of Citizens Advice in Northern Ireland.
Up to 60,000 client records are held on the computer, which was stolen in the early hours of 5 December, 2007. According to Citizens Advice in Northern Ireland, the data stored relates to people from the Belfast area who have sought advice from a Citizens Advice Bureau office within the city.
The amount of information held varies from case to case, but most records would include name, address, date of birth and National Insurance number. In a number of cases, some financial information is also recorded, including the client's bank account number.
BROWN APLOLGISES FOR RECORDS LOSS
21 Nov 2007
Prime Minister Gordon Brown has said he "profoundly regrets" the loss of 25 million child benefit records.
He apologised in the Commons for the "inconvenience and worries" caused and said the government was working to prevent the data being used for fraud.
But Conservative leader David Cameron said the government had "failed in its first duty to protect the public".
The Revenue and Customs data on the two missing discs includes names, dates of birth, bank and address details.
M&S STAFF AT RISK IN LAPTOP THEFT
03 May 2007
Staff at Marks and Spencer have been warned they may be at risk of identity crime after the theft of a laptop.
Salary details, addresses, dates of birth, national insurance and phone numbers were on the machine which was stolen from a printing firm.
M&S has told BBC Radio 4's Money Box that 26,000 present employees in its final salary pension scheme are at risk if the data is accessed by criminals. It is offering free credit checks to the people affected.
NATIONWIDE FINE FOR STOLEN LAPTOP
14 Feb 2007
The Nationwide Building Society has been fined £980,000 by the City watchdog over security breaches.
The fine follows the theft of a laptop from a Nationwide employee's home which contained confidential customer data.
The Financial Services Authority (FSA) found security was not up to scratch after the man had put details of nearly 11 million customers on his computer.
The FSA also found that the Nationwide did not start an investigation until three weeks after the theft occurred.
close ›