In another addition to the UK government’s growing list of information security blunders, a data CD which was found labeled as coming form the UK Government’s Home Office Branch, was found lodged inside a laptop bought over the internet from eBay. Yes, bought online which at first was kind of funny for the laptop engineers who handled the device after it was brought in by a customer for repairs. The un-named customer apparently won the online bidding for the laptop and took it for repair to Leapfrog computers for repairs. The technicians found the disk crammed in between the keyboard panel and the main board and thought of it trivially till they read the words, “Home Office Confidential”. The seriousness of the situation arose when technicians found the laptop hard drive and the disk itself to be encrypted rendering the information stored within it un-readable. They immediately called the police which dispatched anti-terrorism units to recover the government laptop and took it to the Greater Manchester Police Headquarters for safe keeping.
These types of incidents are not unusual which began last year when on Nov 20, 25 million people and 7.2 million families had gone missing which had information such as names, addresses, dates of birth, child benefit numbers, national insurance numbers and bank and social security details. The Department of the Environment on the 11th of December, lost two computer disks containing names and addresses of 7,685 learner Northern Ireland motorists. On the same day, confidential information regarding dozens of prisoners/inmates released to private businesses. On Dec 11, a company union claimed that personal information of hundreds of members were sent to four companies by health authority employers. Unite said Sefton Primary Care Trust released data including names, dates of birth, salary, pension and national insurance numbers of 1,800 employees. On Dec 18, records of 3 million learner drivers’ information were lost when a hard disk which was sent to the US for maintenance was lost during processing. The HM Revenue and Customs Service lost 6,500 customers of private pension firms were lost contained within a computer cartridge. The NHS trust, lost patient information of 168,000 people and lastly, the Police records from Devon and Cornwall were found in a dump by a man looking for spare parts for computers who was going through scrap equipment.
Such incidents are alarming and very dangerous for some of the lost information were not even encrypted. The one they found within the laptop was encrypted but given time, a computer expert with no good intentions could theoretically have broken the code exposing sensitive information into the unknown. These are some of the ones that are publicly known and as it shows, the UK Government might want to shore up it’s strategy of safeguarding information for the public and it’s own sake.