MoD admits data loss bigger than thought
More people, more details, more problems
What you need to know about cloud backup
The MoD has admitted that the hard drive lost by EDS contained more information, on more people than originally believed.
We reported on Friday that EDS had lost the removable and unencyrpted drive containing detailed records on 100, 000 servicemen and women and names and phone numbers for 800, 000 people who had applied to join up.
But Armed Forces minister Bob Ainsworth told the House of Commons that the drive could contain information on up to 1.7m people who had made enquiries to join the armed services or were serving. For people who had only made an initial enquiry this would be just a name and phone number. But for actual applicants the files would include next of kin, passport and national insurance numbers, drivers' license and bank details.The drive, used by the TAFMIS recruitment system, was unencrypted. This follows the loss of 50, 000 personnel records from RAF Innsworth last month.
The MoD has set up a helpline for people who think their personal details could be at risk. Where bank details have been lost the department has also informed payment service APACS to flag accounts for possible fraud. MoD police are investigating the loss.
Ainsworth said the MoD holds data records for 200m people.
Ainsworth said: "the MOD is clear about the crucial need to implement wholesale improvements in how we store, protect and manage the use of personal data. We are also clear that we need to effect a significant behavioural change among our people at all levels. We are currently engaged in a comprehensive programme to do all of this."
He claimed that the MoD will be complying with standards set by the Burton review of MoD data handling by the end of March 2009 and by the standards set by the data handling review by October 2009.®
COMMENTS
Aren't they already breaching the DPA
By handing this information over to EDS in the first instance?
Didn't they have a backup?
Shouldn't this be called "data leak" instead of "data loss"? I mean, they did have a backup, did they??

IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider