The Royal Navy may have lost two more laptops that contained data similar to the one stolen last week that contained the names, bank account details, and passport details of some 600,000 people who had applied to join the armed services, defence secretary Des Browne told Parliament today.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Announcing a review of Ministry of Defence (MoD) security policy Browne said, "An internal investigation by the MoD's head of security had established that, in addition to the laptop stolen on 9 January, two further laptops potentially containing similar data have been stolen."
Browne has asked Sir Edmund Burton, former deputy chief of the Defence Staff (systems), to review the circumstances which led to what the defence secretary called "systemic failures".
As happened in the wake of the loss of the personal details of 25 million child benefit claimants by HM Revenue & Customs (HRMC) in November, a senior dedicated data protection officer has been appointed.
Browne said the MoD's head of security was now the sole authority for granting security accreditation for IT systems. This was to underscore the importance of security to MoD head office.
He had initiated an internal review by MOD IT security experts of all IT systems in use throughout MoD and the armed forces to make sure that no other systems are at risk.
He said the MoD would be part of the Cabinet Office-led review of data security that followed the HMRC incident.
Browne was responding to the theft of a laptop that contained personal information about potential recruits from the car of a Royal Navy officer on the night of 9 January 2008 in Birmingham.
Browne said West Midlands police, assisted by the Ministry of Defence police, were investigating, and the Information Commissioner had been informed.
"All similar laptops had been recalled from their users and secured as an immediate precaution," he said.
Letters had been sent to all 3,700 whose bank details were included in the database, and were now being sent to the 153,000 people who had applied to join the Royal Navy, the Royal Marines or the Royal Air Force during the relevant periods, he said. Those affected could call a free help line and e-mail address, he said.
The navy was now considering action against the officer concerned.