Data theft seems to becoming the order of the day. Only a day after it was reported that the World Bank had been subject to several cyber attacks over the last year that may severely comprised a lot of international financial information, comes the news that the UK Ministry of Defence (MoD) has lost a computer disk containing personal details of up to 100,000 service personnel and 600,000 applicants.
MoD officials said that the hard drive was linked to the training administration and financial management information system (Tafmis). Details relating to the 100,000 serving members include bank and driving licence information, next-of- kin addresses and dates of birth.
Now, the MoD faces an investigation by the British Information Commissioner on this issue. Richard Thomas, the commissioner, will decide what steps to take after the MoD has completed its own inquiry. The removable hard drive was supposed to have been stored in a secure room with only limited access to personnel with special pass codes.
The MoD contacted the commissioner after EDS, the company responsible for protecting the confidential data, failed to find the hard drive during an audit ordered by the Cabinet Office. ''There have to be adequate safeguards in place when protecting confidential data,'' the commissioner's spokeswoman said.
The hard drive was being stored at a site in Hook, a town about 45 miles west of London, when it disappeared, according to the British subsidiary of EDS, which is based in Plano, Texas. EDS declined to say whether the drive held encrypted data.
The military said it was investigating the loss of the device. The loss, announced during National Identity Fraud Prevention Week, an awareness drive partly sponsored by the government, was one of a series of information breaches at the Defense Ministry.
A MoD spokeswoman said on Friday, "On Wednesday, October 8th we were informed by our contractor EDS that they were unable to account for a portable hard drive used in connection with the administration of Armed Forces personnel data. This came to light during a priority audit EDS are conducting to comply with the Cabinet Office data handling review. The MoD police are investigating this matter with EDS."
Last month, the ministry said a drive containing sensitive personnel information had been stolen from a military base. Earlier this year, the military said a laptop with personal details on 600,000 new and prospective recruits had been stolen.
Last year, computer disks containing information, including banking records, on nearly half of Britain's population disappeared. That loss drew international attention to the way the British government handles its citizens' information.
The ministry is also drawing considerable flak from members of Parliament. Conservative MP Nigel Evans, who chairs the All Party Parliamentary Group on Identity Fraud, said, "This is yet another example of the serious implications the loss of personal data can have for the general public. The loss of such important information ... will be music to the ears of fraudsters everywhere. It is vital that there is a cultural change across the public sector with all professionals aware of their responsibility to protect and manage personal data."