BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Home Office admits full extent of USB data loss

From: Jon Turner <jjturner () gmail com>
Date: Wed, 26 Aug 2009 15:09:17 +0100
http://www.v3.co.uk/v3/news/2248501/home-office-loss-revised

The Home Office has had to dramatically revise its estimates of the amount
of data contained on a memory
stick<http://www.v3.co.uk/vnunet/news/2224575/home-office-suspends-pa>lost
by third-party contractor PA Consulting last year.

The department's newly released Resource Accounts for
2008-09<http://www.official-documents.gov.uk/document/hc0809/hc04/0466/0466.pdf>(PDF)
say that the USB device containing Police National Computer and
prisoner data actually held 377,000 records, 250,000 more than originally
reported.
 Advertisement  [image:
advertisement]<http://ad.uk.doubleclick.net/jump/vnu.uk/enterprise-security-technology;chan=news;sect=news;subsect=;topcat=security;cat=enterprise-security-technology;artid=2248501;page=2248501;tile=3;sz=336x280;pos=top;ord=123456789?>

The revelation will raise further question marks about the ability of
government to safeguard the data of its citizens, especially when that data
is being handled by third-party consultancies.

New information released yesterday showed that the Home Office paid PA
Consulting a whopping £24.5m last year, up from just £8.4m the previous
year, owing to its work on the National Identity Scheme and the Interception
Modernisation Programme.

After the data breach last year, however, the Home Office terminated its
contract with PA Consulting, and carried out "a full review of the system
and procedures" that led to the breach.

"The department will continue to monitor and assess its information risk in
the light of these events, in order to identify and address any weaknesses
and ensure continuous improvement of its systems," said the Home Office
report.

A Home Office spokesperson said that the extra lost records came from users
of the Drugs Interventions Programme, according to government news site *
Kable*.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php
Previous By Date Next
Previous By Thread Next

Current thread: