Feeds

UK.gov loses driver ID data

More unencrypted CDs go walkies

Internet Security Threat Report 2014

Unencrypted computer discs containing the names and addresses of 6,000 Northern Ireland motorists has gone missing in the post.

The material, which was sent from Northern Ireland Driver and Vehicle Agency to the UK's main Driver and Vehicle Licensing Agency in Swansea, is reckoned to gave gone astray in a sorting centre in Coventry. The agency has written to drivers involved apologising for the slip-up.

The data was sent in requests from vehicle manufacturers, who needed to send drivers information about potential faults with various vehicle models. Information held on the two missing CDs included the registration number, chassis number, make and colour of 7,685 vehicles as well as the names and addresses of more than 6,000 registered owners. No financial data was included on the discs, the BBC reports.

News of the data loss at the DVLA comes shortly after the far larger Child Benefit data leak at HM Revenue & Customs that's left the government hunting for discs containing data of 25m people. The latest incident provides evidence that using CDs to distribute unencrypted data about citizens was, if not standard government practice, then a common insecure method used across multiple government agencies.

The wider problem of the exposure of confidential data is far from confined to government departments, nor indeed to lost CDs. In the latest such incident, Leeds Building Society warned its workforce of 1,000 that it had mislaid copies of their personal details during the process of moving its HR department during a building refurbishment project, the Press Association reports.

There's no evidence of fraud involving the data losses at either the DVLA or Leeds Building Society. In all probability the lost information is probably stuck behind a filing cabinet or sorting machine rather than in the hands of cybercrooks.

Other data loss incidents - of which there have been many in recent months on both sides of the Atlantic - have involved stolen laptops and suspected hacking attacks. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.