MoD admits data loss bigger than thought

More people, more details, more problems

By John Oates, 14th October 2008

What you need to know about cloud backup

The MoD has admitted that the hard drive lost by EDS contained more information, on more people than originally believed.

We reported on Friday that EDS had lost the removable and unencyrpted drive containing detailed records on 100, 000 servicemen and women and names and phone numbers for 800, 000 people who had applied to join up.

But Armed Forces minister Bob Ainsworth told the House of Commons that the drive could contain information on up to 1.7m people who had made enquiries to join the armed services or were serving. For people who had only made an initial enquiry this would be just a name and phone number. But for actual applicants the files would include next of kin, passport and national insurance numbers, drivers' license and bank details.The drive, used by the TAFMIS recruitment system, was unencrypted. This follows the loss of 50, 000 personnel records from RAF Innsworth last month.

The MoD has set up a helpline for people who think their personal details could be at risk. Where bank details have been lost the department has also informed payment service APACS to flag accounts for possible fraud. MoD police are investigating the loss.

Ainsworth said the MoD holds data records for 200m people.

Ainsworth said: "the MOD is clear about the crucial need to implement wholesale improvements in how we store, protect and manage the use of personal data. We are also clear that we need to effect a significant behavioural change among our people at all levels. We are currently engaged in a comprehensive programme to do all of this."

He claimed that the MoD will be complying with standards set by the Burton review of MoD data handling by the end of March 2009 and by the standards set by the data handling review by October 2009.®

Agentless Backup is Not a Myth