MoJ admits losing 2,000 personal records

The Ministry of Justice (MoJ) has lost the personal information of more than 2,000 people in the past year, according to the department's annual financial accounts.

The Ministry of Justice (MoJ) has lost the personal information of more than 2,000 people in the past year, according to the department's annual financial accounts published last week.

The most recent and biggest single data breach by the MoJ was the loss of an unencrypted memory stick containing personal details of employees in March this year.

In the second biggest breach in the past year, MoJ supplier EDS lost a portable hard disc in September 2008. Initial reports indicated that thousands of records had been lost, but the MoJ said only 256 staff members were potentially affected.

These and two other incidents accounted for the loss of 1,849 records reported to the Information Commissioner's Office (ICO).

The MoJ admitted to losing an additional 157 records in another six minor data losses that "did not fall within the criteria" for reporting to the ICO. These incidents involved the loss of inadequately protected electronic equipment, devices or paper documents, or the unauthorised disclosure of data.

Although thousands of people are potentially affected by the breaches, this marks a improvement on the MoJ's performance the previous year.

In the annual accounts for the preceding year, the department admitted to losing the personal details of 45,000 people in nine separate incidents.

The MoJ said in a statement that the department takes the protection of personal data extremely seriously and is committed to ensuring that information is shared in a safe and secure way.

"Whilst any loss of data is regrettable, all Ministry of Justice incidents have been reported and the necessary action taken," a spokesman said.

The MoJ has set up a dedicated Information Assurance Programme for the coming year to address information risks and inspire public trust and confidence, he said.

"All staff have now undertaken mandatory training to raise their awareness of the vital importance of data security," he said.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close