UK: Lost laptop exposes thousands of pension records

[lyger <lyger () attrition org>]

http://www.theregister.co.uk/2009/05/28/pension_data_breach_alert/

A lost laptop containing the personal data of 109,000 Pensions Trust's 
members has sparked the latest in a growing list of information security 
breach alerts.

The missing machine was stolen from the offices of NorthgateArinso, 
suppliers of the Pensions Trust's computerised pensions administration 
system, where it was was being used "as a database for development, 
training and performance testing".

Data on the drive was not encrypted but it was password protected - as if 
that provides much in the way of reassurance. Data held on the laptop 
included name, address, date of birth, NI number, name of employer, salary 
details, name of and relationship to nominees and, for those drawing a 
pension, bank account details.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php