[ISN] Not one but THREE military laptops have gone missing as security breach grows, admits Defence Secretary

From: InfoSec News (alerts@private)
Date: Tue Jan 22 2008 - 22:36:51 PST


http://www.dailymail.co.uk/pages/live/articles/news/news.html?in_article_id=509566&in_page_id=1770

The Daily Mail
21st January 2008

Three military laptops with personal details of up to 600,000 people 
have been lost, Defence Secretary Des Browne admitted today.

The Cabinet minister, who is understood to be furious at the data 
security breaches, told MPs this afternoon that the extent of the 
blunders was wider than previously revealed.

They are likely to lead to disciplinary action.

With the Ministry of Defence already under fire over the loss of one 
computer on 9 January, Mr Browne ordered an independent inquiry into 
military data security.

The laptop stolen in Birmingham this month - from the car of a Royal 
Navy officer who was involved in recruitment - contained details of 
600,000 people including passport numbers, insurance numbers, family 
background information and medical details.

The MoD is writing to about 3,500 people whose bank details were 
included on the database.

But Mr Browne today admitted that a Royal Navy laptop with almost 
identical information was stolen in October 2006 from a car in 
Manchester. It contained details of people who had expressed an interest 
in, or joined, the Royal Navy, Royal Marines and the RAF.

A third Army computer was stolen from a careers office in Edinburgh in 
December 2005 with details of 500 people.

The loss of unencrypted personal details has sparked fears that 
servicemen and women could be targeted by Islamist terrorists after 
police last year broke up an alleged plot to kidnap and kill a British 
Muslim soldier.

Mr Browne told MPs that security regulations to protect the sensitive 
information had not been followed including encryption.

He also expressed concern that the details of so many people, some 
dating back to 1997, were being carried around by recruitment officers.

The Defence Secretary stressed that ministers had not been told of the 
earlier security breaches and that military staff involved in the cases 
thought the information had been protected by encryption.

No evidence has yet emerged to suggest that criminals have made use of, 
or sold, the information on the laptops.

Mr Browne admitted that weaknesses had been identified in the military 
systems for safeguarding data held by training officers.

He also said that the problems and past cases had not been highlighted 
to a recent Cabinet Office-led review of data protection and made clear 
that military chiefs are likely to discipline those responsible for the 
errors.

The latest revelations will fuel doubts that the Government can be 
trusted to keep details safely about citizens. They follow the scandals 
of the Revenue and Customs' lost child benefit disc, containing personal 
information of 25 million individuals, and the loss of a disc drive 
containing personal information on three million driving test 
candidates.

The independent inquiry will be carried out by Sir Edmund Burton, 
chairman of the Information Advisory Council and former chairman of the 
Police Information Technology Organisation.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Tue Jan 22 2008 - 22:42:06 PST