With a hat tip to Neil C, this is just the list from the last 6 months.
17 September 2008 The Insolvency Service. Laptop containing personal details of 385 former directors of insolvent companies has been stolen. Greater Manchester Police are investigating the burglary, which happened on 28 August. The Insolvency Service said 385 ex-company directors had been affected and also about 150 people with a connection to the firms. Information on the company directors included name, address, date of birth and occupation. No bank account details were held. In relation to the creditors, complainants and employees, the data included name, address, and bank account details in a small number of cases.
16 September 2008.
NHS memory stick found in street. An NHS trust has apologised after a computer memory stick, containing the confidential files of 200 patients, was found in a street. It stored a summary of medical histories and patients’ national insurance numbers and addresses.
Monday, 15 September 2008 18:19 UK.
Police admit to lost data blunder. A police force has undertaken an urgent hunt for a computer memory stick after admitting it has been lost by an officer on duty. A police force has undertaken an urgent hunt for a computer memory stick after admitting it has been lost by an officer on duty.
Monday, 15 September 2008 18:12 UK. Trust loses 18,000 staff records. Discs containing personal information on almost 18,000 NHS staff have gone missing from a north London hospital. Discs containing personal information on almost 18,000 NHS staff have gone missing from a north London hospital.
10 September 2008 11:34 UK
Up to 15,000 patients’ data taken
Computer back-up tapes containing personal information on up to 15,396 patients at a surgery have been stolen. “There are 15,396 patients registered at the surgery and potentially information on all of them could be on the tapes.
SEPTEMBER 2008: JUSTICE STAFF DETAILS The government confirmed that a portable hard drive holding details of up to 5,000 employees of the justice system was lost in July 2007. The details of employees of the National Offender Management Service in England and Wales, including prison staff, were lost by a private firm, EDS. The details of employees of the National Offender Management Service in England and Wales, including prison staff, were lost by a private firm, EDS.
The details of employees of the National Offender Management Service in England and Wales, including prison staff, were lost by a private firm, EDS. The details of employees of the National Offender Management Service in England and Wales, including prison staff, were lost by a private firm, EDS. It also held personal details of about 10,000 prolific offenders.
27 August 2008 12:38 UK,
Health board lost patients’ data
A health board has tightened its security measures after the loss of two memory sticks containing patient data.
27 August 2008 12:05 UK Taxpayers’ details found on eBay. A Leicestershire council is investigating a report that a computer containing taxpayers’ personal details was sold on auction website eBay. Bank account numbers and sort codes of people in the Charnwood Borough Council area were reportedly found after the equipment was sold for £6.99. Information including bank account numbers, telephone numbers, mothers’ maiden names and signatures of customers of American Express, NatWest and the Royal Bank of Scotland (RBS) were reportedly found on the computer.
Thursday, 21 August 2008 22:56 UK
Company loses data on criminals
A contractor working for the Home Office has lost a computer memory stick containing personal details about tens of thousands of criminals. The lost data includes details about 10,000 prolific offenders as well as information on all 84,000 prisoners in England and Wales.
9 August 2008 13:06 UK
BBC sorry after TV data is stolen
The BBC has apologised after a memory stick containing the personal details of hundreds of children who had applied to take part in a TV show was stolen. Deverell also informed parents they could call a free helpline if they had concerns about the lost data - which included names, addresses, dates of birth and phone numbers.
29 July 2008 09:42 UK
Missing laptop data not ‘at risk’
A laptop computer from the Citizens Advice Bureau in Coleraine has gone missing. The details of about 7,000 people were on the computer of an outreach worker from the voluntary group which was mislaid in transit.
Wednesday, 23 July 2008 14:17 UK
Surgery patients’ data is stolen
Information on more than 3,500 patients at a surgery in Greater Manchester has been stolen, health bosses have said.
22 July 2008 20:56 UK
‘Spying’ requests exceed 500,000
More than 500,000 official “spying” requests for private communications data such as telephone records were made last year, a report says. Police, security services and other public bodies made requests for billing details and other information.
18 July 2008 18:52 UK
MoD admits loss of secret files
More than 100 USB memory sticks, some containing secret information, have been lost or stolen from the Ministry of Defence since 2004, it has emerged. The department also admitted that more than 650 laptops had been stolen over the past four years - nearly double the figure previously claimed. But the MoD insisted its policies were “generally fit for purpose”. The Mod said it has no idea on when, where and how the memory sticks were lost. The official total is now 658 laptops stolen, with another 89 lost. Just 32 have been recovered.
17 July 2008 15:53 UK
MOTs data viewed by India workers
IT workers in India were given access to a database of all vehicles subject to an MOT in Britain, the Department for Transport has confirmed. The data included details of 65,000 MOT testers and 16,500 people authorised to examine vehicles for MOTs, but no information on vehicle owners. Ministers said Siemens staff testing software could view but not save, amend or copy the information. The Tories said the government lacked “basic competence… with our data”.
17 July 2008 06:43 UK
NHS trusts lose confidential data
More than 150 incidents of data being lost at NHS trusts across Wales have put patient and staff details at risk. Among the examples over a three year period, patient details from an entire children’s ward in Wrexham were found on a piece of paper in a puddle. In another revealed by BBC Wales after Freedom of Information (FOI) requests, a highly confidential child protection file was sent to the wrong address. Health Minister Edwina Hart said she was “quite horrified” by the findings. Its other cases included a senior nurse finding a sheet of paper lying in a puddle that had “confidential and sensitive information”, including the names and diagnosis of every patient in the children’s ward at Wrexham Maelor Hospital in March 2006. Cardiff and Vale had six computers - mainly laptops - stolen between December 2005 and November 2007. Cardiff and Vale had six computers - mainly laptops - stolen between December 2005 and November 2007. Confidential personal information also went missing by mail, fax and courier from Velindre NHS Trust. North West Wales NHS Trust reported 10 incidents of patient information being seen by others due to “clerical errors”. Carmarthenhire NHS Trust had 24 security breaches - mainly thefts of staff wallets and purses - though three laptops were also stolen.
16 July 2008 16:42 UK. The police inquiry into the loss of data discs containing the details of 25 million people cost £473,544, the government has revealed. The two discs, containing child benefit records, were lost after being sent by post last year and were never found.
, 15 July 2008 17:54 UK
Warning over phone calls database
A central database holding details of everyone’s phone calls and emails could be a “step too far for the British way of life”, ministers have been warned.But Information Commissioner Richard Thomas said “lines must be drawn” to defend “fundamental liberties”. But Information Commissioner Richard Thomas said “lines must be drawn” to defend “fundamental liberties”. The government says the growth of the internet means changes must be made to the way communications are intercepted in order to combat terrorism and crime.
11 July 2008 21:22 UK
Scrutiny call after files found
Calls have been made for all abandoned Scottish hospital buildings to be examined, after private patient data was found at a disused site in Carluke. BBC Scotland revealed that X-rays marked with patients’ names, photographs and other paperwork were found at the derelict Law Hospital.
11 July 2008 14:24 UK
Files found in abandoned hospital
Confidential patient information has been left lying in an abandoned hospital in Lanarkshire, BBC Scotland can reveal. X-rays marked with patients’ names, photographs and other paperwork were found scattered at Law Hospital in Carluke, which closed in 2001.
8 July 2008 15:45 UK
Surgery loses patient data tape
A tape containing the records of more than 11,000 patients has been lost by a GP practice in Greater Manchester. The magnetic tape contains duplicates of current and old patient details at Whitaker Lane Practice in Prestwich.
4 July 2008 16:58 UK
Health bosses order data amnesty
Health bosses have ordered a data amnesty after an employee lost personal information of 137 patients. Health bosses have ordered a data amnesty after an employee lost personal information of 137 patients. Health bosses have ordered a data amnesty after an employee lost personal information of 137 patients. The letters cover details of patients in the central Edinburgh from 2006.
3 July 2008 16:39 UK
Health worker loses patient data
A health worker with NHS Lothian has admitted losing a memory stick containing the personal information of 137 patients. Copies of letters sent to GPs over two years had been stored on the device. It stressed that the worker had breached regulations prohibiting the storing of NHS information on personal portable computing devices. It stressed that the worker had breached regulations prohibiting the storing of NHS information on personal portable computing devices.
3 July 2008 13:13 UK ID card fingerprint errors fear
Mismatched or unclear fingerprints could hamper the government’s £5.6bn ID card scheme, independent experts warn. The Biometric Assurance Group (BAG) says officials may struggle to cope with the number of false matches, which could run into tens of thousands. Everyone applying for a passport from 2010/11 will have to submit to a digital fingerprint scan, with the prints to be stored on a database. They will then have a choice of a passport or ID card which the government says will help them to prove their identity when challenged by the police, border officials or in some commercial transactions such as with banks. Any false matches - which could result in the wrong person being arrested or prevented from entering the country - will be dealt with manually. In its annual report for 2007, published this week, the BAG suggests the government has underestimated how much time and effort this will take. It says dealing with mistakes - called “exceptional handling” - will be a “large part” of the National Identity Scheme’s work.
JULY 2008: MEMORY STICKS AND LAPTOPS The Ministry of Defence confirmed that 121 computer memory sticks and more than twice as many laptops than previously thought have been lost or stolen in the past four years. Armed Forces Minister Bob Ainsworth gave a written statement to parliament saying 121 USB memory devices had gone astray - five of which contained secret data. And in a parliamentary written answer, Defence Secretary Des Browne said 747 laptops had been stolen - 400 more than originally reported. Of those, 32 have been recovered so far.
30 June 2008 15:57 UK
Patient files stolen with laptop
A laptop computer containing the personal details of several thousand patients has been stolen from the car of a senior hospital manager. The machine was stolen on 18 June from a car belonging to a Colchester University Hospital manager which had been parked in Edinburgh, Scotland. Details on it taken include patient names, postcodes and treatment plans.
25 June 2008 21:34 UK
TfL card data sharing criticised
The Information Commissioner’s Office has criticised Transport for London for “collecting data without a clear purpose” for the children’s photocard. From June Transport for London (TfL) made it mandatory for children aged between 11 and 18 to carry an Oyster photocard in order to gain free travel. But some parents have raised concerns given that TfL admits application data will be shared with its subsidiaries. TfL said it needed such information to prevent anti-social behaviour. The company took “the security of personal data extremely seriously”, it said. Police regularly use information on the adult Oyster card system to get details about passenger movements. BBC London has learned that in the past year they made at least 3,000 requests for information. Rachel Rolfe, a mother who objects to the practice, said: “I don’t think that children need ID cards, once your information is out there you can never get it back. And I think you can’t protect it.” A spokesperson for the ICO said: “It is not clear whether young people are really being offered a genuinely free choice here. “We have some concerns that the information provided to young people about Zip cards does not clearly state why the personal information is being collected, how it will be used and how long it will be retained.
25 June 2008 18:40 UK
No progress finding lost 999 disc
Details of almost 900,000 calls to the Scottish Ambulance Service are still missing, Health Secretary Nicola Sturgeon has told parliament. It emerged earlier this week that a portable data disc had been lost while being transported to Manchester by the courier firm TNT. The disc included the names of some patients, addresses of incidents and phone numbers received in calls to the service over the past two years.
25 June 2008 14:52 UK
Tougher data rules for Whitehall Tougher rules aimed at keeping people’s personal records private are to be introduced in government departments.
Sir Gus said: “Although no organisation, public or private, can ever guarantee that it will never make a mistake, I believe the measures we are announcing today will ensure that the public can be assured we are taking the necessary measures to keep people’s data secure.”
23 June 2008 02:50 UK
Firms ‘give out’ customer details
Businesses are giving out personal and confidential details about customers to third parties in a bid to boost sales, an internet security firm has claimed. StrongMail said a fifth would give out credit card information and 7% would disclose customers’ sexual orientation.
18 June 2008 15:40 UK
Six laptops stolen from hospital
Six laptops containing information about 20,000 patients have been stolen from a south London hospital. Patient information kept on the laptops includes brief medical notes, names, dates of birth and postcodes. The hospital accepts the data should not have been stored on portable computers and has written to every patient to apologise.
17 June 2008 20:45 UK
Blears PC loss - officials blamed
Information on a computer stolen from Communities Secretary Hazel Blears’ office had been sent in breach of data security rules, it has emerged. The Communities and Local Government department admitted its officials had “not fully” complied with guidance on handling sensitive data. The computer contained a combination of constituency and government information relating to defence and extremism.
JUNE 2008: TERROR DOCUMENTS A senior intelligence officer from the Cabinet Office was suspended after documents were left on the seat of commuter train from London Waterloo. A passenger later handed them to the BBC. The seven-page file, classified as “UK Top Secret”, contained a report entitled “Al-Qaeda Vulnerabilities” and an assessment of the state of Iraq’s security forces. Cabinet Minister Ed Miliband said there had been a “clear breach” of security rules, which forbid the removal of such documents from government premises. But Mr Miliband said national security did not seem to be “at risk”.
14 June 2008 13:09 UK
Police data ’secure’ after theft
Avon and Somerset Police said it is confident the force computer network is “very secure” and security around its computer systems is effective. The assurance follows the theft of a laptop computer used by deputy chief constable, Rob Beckley, from a car in London on Wednesday afternoon.
8 June 2008 11:17 UK
ID cards ‘could threaten privacy’
The government should limit the data it collects on citizens for its ID card scheme to avoid creating a surveillance society, a group of MPs has warned. The home affairs select committee called for proper safeguards on the plans for compulsory ID cards to stop “function creep” threatening privacy. It wants a guarantee the scheme will not be expanded without MPs’ approval.
21 May 2008
CPS criticised over DNA data disc
An inquiry has found “significant shortcomings” in the Crown Prosecution Service’s handling of DNA data linked to serious crimes abroad. Dutch police sent a disc, containing 2,159 DNA profiles from crime scenes, to the CPS in January 2007, so it could be checked against the UK’s database. His report said the data was unexpectedly sent to the CPS, not the police, by ordinary business post and was not addressed to a particular department or individual. The inquiry found no evidence that the disc had been copied or ever left the building.
20 May 2008 12:08 UK
Confidential health records lost
Confidential health records of more than 38,000 patients have gone missing after a computer back-up tape was lost by a courier firm, an NHS trust said. The Isle of Wight’s Sandown Health Centre sent its records to a specialist firm for its software to be checked. But the tape, containing records of patients dating back to July 1996, failed to arrive when it was sent back using courier firm City Link in March.
APRIL 2008: MCDONALD’S LAPTOP An Army captain’s laptop was taken from under his chair as he ate in a McDonald’s, near the Ministry of Defence’s Whitehall headquarters. The MoD said the data on the laptop was not sensitive, and was fully encrypted. This is the latest MoD laptop theft to be made public and it came after the government tightened the rules on employees taking computers out of work.
21 April 2008 00:17 UK
Customer data ‘needs protection’
Companies and public bodies are not doing enough to protect customers’ data, the UK’s privacy watchdog and a major survey of security have said. The Information Commissioner said that the 94 security breaches reported to him last year was an “alarming” number. The survey of more than 1,000 firms suggested that almost 90% of them let staff leave offices with potentially confidential data stored on USB sticks. Information Commissioner Richard Thomas said of the 94 data breaches, two thirds were committed by government or other public sector bodies. Data had been recovered in only three of the 94 cases, he said.
13 April 2008 19:55 UK
Sensitive data ‘lost by councils’
Personal data about members of the public has been lost or wrongly revealed by 13 London councils in the last year, a BBC survey has found. Some 23 councils replied to the freedom of information request, with more than half saying data had been lost, stolen or inadvertently disclosed. In one instance, sensitive information about children in care was stolen when a youth worker took files into a bar.
8 April 2008 09:41 UK
Personal data found by developers
Personal details of hundreds of people in Lincolnshire have been found in a council building being redeveloped. The documents which belong to East Lindsey District Council, included names, addresses and credit card details of residents. They were found by developer Richard Borthwick who is working on the Dunes Centre in Mablethorpe.
7 April 2008
HSBC loses customers’ data disc
The HSBC banking group has admitted losing a computer disc with the details of 370,000 customers. The disc was lost four weeks ago after being sent by courier from the bank’s life insurance offices in Southampton. The customers’ details included their names, dates of birth, and their levels of insurance cover. “We are looking into it and basically it has got lost from A to B,” said an HSBC spokesman. There are no financial details there in terms of banking details. There are no address details or anything like that,” he added. As well as name, date of birth and value of the cover, the documents revealed only the customer’s policy number and whether or nor the customer was a smoker.
7 April 2008
Probe into data files discovery
An investigation into the discovery of personal data in folders in a skip at an Aberdeen ice rink has been launched. The parents of young ice skaters said they were angry after the folders with names, addresses and dates of birth were found outside the Linx Ice Arena.
23 March 2008
Heathrow fingerprint plan probed. Plans to fingerprint passengers at Heathrow’s new Terminal 5 are being probed by the data protection watchdog.The idea behind the fingerprinting is to make it impossible for a terrorist to arrive at Heathrow on a transit flight, then exchange boarding passes with a colleague in the departure lounge and join a domestic flight to enter the UK without being checked by immigration authorities.
But Deputy Information Commissioner David Smith told the Mail on Sunday: “We want to know why Heathrow needs to fingerprint passengers at all.
14 March 2008
‘Lax standards’ on data security
The government has persistently failed to take data protection “sufficiently seriously,” the Joint Committee on Human Rights has warned.Episodes such as the loss of child benefit discs containing 25m people’s details were “symptomatic of lax standards,” said MPs and peers. The report said this did not “inspire confidence” in controversial plans for a National Identity Register. The joint committee’s report on data protection and human rights notes that it has pointed out its concerns on 18 previous occasions and suggests such lapses may break the Human Rights Act.
12 March 2008. Personal data breaches affecting thousands of people have been uncovered by BBC Scotland’s Investigations Unit. The information was revealed through freedom of information requests to NHS boards, councils and police forces. These included lost patient notes, information on sex offenders and compromised payroll data. All the bodies said they took any breach or loss of information very seriously and urged their staff to report even minor incidents.
6 March 2008
300,000 prescriptions lost by NHS
Thousands of prescription forms, carrying the names and addresses of patients, go missing every year as they are transported around the NHS.The government has admitted that almost 300,000 have been lost or stolen in England since 1997. In response to a Parliamentary Question from the Conservatives, Ms Primarolo said that between April 1997 and September last year, a total of 298,100 forms went missing in 220 separate incidents of loss or theft.
5 March 2008
NHS in East publishes data loss The NHS in the East of England has started to publish information on any loss of data as part of its commitment to confidentiality and security. The three cases of missing data include a lost memory stick which mentioned 35 patients and printed information on 43 patients which was thrown in a bin.
written by La Bete
\\ tags: data loss, incompetence, stupid government
