BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Lost council data stick contained bank details of 1, 000 residents

From: Jon Turner <jjturner () gmail com>
Date: Mon, 9 Mar 2009 18:45:39 +0000
http://www.24dash.com/news/Local_Government/2009-03-02-Lost-council-data-stick-contained-bank-details-of-1-000-residents

A county council today admitted losing a memory stick containing the names
and bank details of more than 1,000 housing-benefit recipients.

Wiltshire County Council has written to 1,385 residents in the Salisbury
area to apologise and reassure them the risk of their details being accessed
by an unauthorised person is "slight".

The county council's chief executive Keith Robinson, said: "We very much
regret the loss of this data and I am apologising to all those covered by
the data.

"We have clear procedures for sending data and on this occasion they were
not followed. We are investigating why this happened.

"Fortunately, personal data is routinely encrypted and password protected so
we judge the risk of misuse to be small. Nevertheless, I do apologise to all
those involved.

"In the light of this error, I am commissioning a review into our data
security by our Audit and IT services. I shall report publicly on the review
to the Council's Executive not later than May."

The data, comprised of names, addresses and bank details, is used by the
district council to pay housing benefit.

The council informed the national Information Commissioner when the breach
was discovered.

The letter sent from Mr Robinson to those concerned said: "The memory stick
was sent from the district council to the county council. When we had
finished with it we posted it back to them.

"Unfortunately, at some point the envelope got torn and the stick was lost.
We have looked very hard for it and I am afraid that we have not been able
to find it. The memory stick information included your name, address and
bank details, which we hold in order to pay your benefits.

"We do not think that you are at any significant risk, because the
information on the memory-stick is secure. Nevertheless, I thought it was
important to let you know what has happened.

"Although the risk is low, the advice is that you should monitor your bank
statements carefully to make sure that there are no unexplained
transactions."

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently 
across your enterprise to ensure regulatory compliance.
http://www.credant.com/stopdataloss
Previous By Date Next
Previous By Thread Next

Current thread: