Data on four million lost in one year in UK

BBC adds up security breach figures

The UK government has lost the personal information of up to four million citizens in the last year alone.

The astonishing figures, calculated by the BBC, added up as Whitehall departments slowly released their annual reports for the year to April.

And the trend has not stopped — in the latest revelation, HM Revenue & Customs, which infamously lost the details of 25 million child benefits claimants last November on two unencrypted discs, experienced 1,993 data breaches between 1 October last year and 24 June.

Treasury minister Jane Kennedy told MPs the newly-announced HMRC breaches did not necessarily result in data losses, adding that they reflect "potential weaknesses reported by staff and not actual thefts or losses", and indicate that staff are more aware of security and reporting more incidents. HMRC said it takes data loss and security breaches "very seriously" and thoroughly investigates any breach.

Earlier, the Ministry of Justice admitted it had lost 45,000 people's details throughout the year, on laptops, external security devices and paper, and that 30,000 of them had not been notified. The MoJ said it had a "dedicated information assurance programme" in place to improve data security.

Before that, the Home Office announced it had lost the data of 3,000 seasonal agricultural workers on two unencrypted CDs.

In May, the Department for Transport lost the data of three million learner drivers. Other data losses occurred at the Foreign Office, which lost 190 people's data in five incidents.

In January, the Ministry of Defence said it had lost a laptop containing the details of 620,000 recruits and potential recruits, and some information on 450,000 referees for job applicants.

As the government spends £12.7 billion (NZ$33 billion) putting NHS patient health records onto a central computer, there have been a string of data losses from NHS hospitals. In June, two NHS trusts lost unencrypted laptops containing 31,000 patient records. In May, 38,000 patient records on tape were lost after being posted by the Isle of Wight Primary Care Trust.

Information Commissioner Richard Thomas recently served enforcement notices on HMRC and the MoD for their data losses, insisting they report regularly on their data handling. He also said he "welcomed" the Home Affairs Committee's report that urged the government to stop creating large databases on citizens without first proving they are necessary.

The Liberal Democrats have called for "data guardians" to be appointed to monitor the government's handling of information. The data protection minister, currently Michael Wills, should also have a stronger influence in central government, they said.

They attacked the "depressing climate of disrespect for the security of our personal information", advocating doubling the Information Commissioner's budget and implementing stronger legislation around data protection.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags UK governmentsecurity breachesSecurity ID

Show Comments