MoD admits data loss bigger than thought
Print storyMore people, more details, more problems
Posted in Government, 14th October 2008 07:50 GMT
See what The Register's experts have to say on application security
The MoD has admitted that the hard drive lost by EDS contained more information, on more people than originally believed.
We reported on Friday that EDS had lost the removable and unencyrpted drive containing detailed records on 100, 000 servicemen and women and names and phone numbers for 800, 000 people who had applied to join up.
But Armed Forces minister Bob Ainsworth told the House of Commons that the drive could contain information on up to 1.7m people who had made enquiries to join the armed services or were serving. For people who had only made an initial enquiry this would be just a name and phone number. But for actual applicants the files would include next of kin, passport and national insurance numbers, drivers' license and bank details.The drive, used by the TAFMIS recruitment system, was unencrypted. This follows the loss of 50, 000 personnel records from RAF Innsworth last month.
The MoD has set up a helpline for people who think their personal details could be at risk. Where bank details have been lost the department has also informed payment service APACS to flag accounts for possible fraud. MoD police are investigating the loss.
Ainsworth said the MoD holds data records for 200m people.
Ainsworth said: "the MOD is clear about the crucial need to implement wholesale improvements in how we store, protect and manage the use of personal data. We are also clear that we need to effect a significant behavioural change among our people at all levels. We are currently engaged in a comprehensive programme to do all of this."
He claimed that the MoD will be complying with standards set by the Burton review of MoD data handling by the end of March 2009 and by the standards set by the data handling review by October 2009.®
Increase your knowledge of the latest threats to your busines
The future of SaaS and IT infrastructure management
The Total Economic Impact of Dell's PC products and services
The best practices guide for application security
Avoiding 7 common mistakes of IT security compliance
The starter PKI program
Win a Samsung C6625!
Is your cameraphone an oxymoron?
Windows 7, Bing and security: Mr Ballmer regrets
Sign up, sign up for The Register IT security newsletter