Met’s payroll data stolen


Met’s payroll data stolen

The Metropolitan Police – and its data processing partner LogicaCMG – suffered embarrassment when it emerged that three laptops containing payroll details were stolen from LogicaCMG’s offices.

Approximately half of the Metropolitan Police’s employees are thought to have been affected by the theft of the laptops. But neither party has given full details on what data has been stolen, or confirmed how many employees have been affected, because an investigation into the theft is still “ongoing”.

Some reports have claimed, however, that the laptops contained the payroll and pension details of more than 15,000 Metropolitan Police officers.

According to the Metropolitan Police, a risk assessment of the data on the laptops has been conducted, and it believes there is little risk of identity theft.

However, the theft is sufficiently serious that the fraud prevention service CIFAS, payment services organisation APACS and various credit reference agencies have all been consulted about what action to take to safeguard staff against becoming victims of fraud.

LogicaCMG UK has confirmed that an opportunist break-in had occurred at one of its premises last Thursday, but neither party has said whether or not the data on the laptops was encrypted, or whether security procedures had been followed at LogicaCMG.

That’s the key point – encryption. As similar incidents in the US have proved, it is often the lax security where third parties are processing data that reflects poorly on the company affected. As a matter of course, data on the Met’s laptops should have been encrypted. There are obvious lessons here that should be heeded by all companies whose payroll and pension data is being processed by third parties.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy