Nottinghamshire Probation Service data stolen
Highly-sensitive personal data on offenders and the victims of crime has been stolen from the offices of the Nottinghamshire...
Mike Simons
Last month thieves stole IT equipment containing both databases of offenders and personal information about probation service staff, including details of their bank accounts.



From forensic cyber to encryption: InfoSec17
Security technologist Bruce Schneier’s insights and warnings around the regulation of IoT security and forensic cyber psychologist Mary Aiken’s comments around the tensions between encryption and state security were the top highlights of the keynote presentations at Infosecurity Europe 2017 in London.
Nottinghamshire chief probation officer David Hancock informed staff of the theft, but not offenders. In a letter to Mansfield solicitor Mark Marriott, Hancock, said, "While we cannot be absolutely sure, our current assessment is that the theft was targeted at the equipment rather than the data."
"I have reviewed the question of whether or not offenders, and other service users, should be informed of the theft. "I have judged that it is inappropriate to do so in the absence of any evidence about the data being targeted or leaking."
His reply failed to satisfy local lawyers, the data protection commissioner or the probation officer's union NAPO.
Marriott said, "Stolen data has a habit of leaking out and the Probation Service has a responsibility to victims and offenders to inform them."
Amanda Chandler, compliance officer at the Office of the Data Protection Commissioner, said the Probation Service was not exempt from data protection laws. "We would expect probation officers working with individuals to let them know that the data is missing."
Harry Fletcher of NAPO, described the theft as "an appaling lapse. The Nottinghamshire database will contain some of the most sensitive cases in the country," he added.
The Nottinghamshire Probation Service refused to comment.
Read more on IT risk management
-
Why businesses must think like criminals to protect their data
-
Security Think Tank: Use awareness, education and controls to halt cryptojacking
-
Security Think Tank: Awareness is a good starting point to counter fileless malware
-
Security Think Tank: Human, procedural and technical response to fileless malware
Start the conversation
0 comments