EDS loses personal details of 5,000 prison staff

Contractor EDS has lost the personal details of thousands of prison staff working in England and Wales in the latest data loss fiasco for the government. The...

Contractor EDS has lost the personal details of thousands of prison staff working in England and Wales in the latest data loss fiasco for the government.

The details were held on a hefty 500Gbyte hard drive and would be highly sensitive if they ended up in the wrong hands. Not only would staff be potential victims of identity theft, they could also be targeted for reprisals by criminals that have passed through the prison system.

Justice secretary Jack Straw (pictured) has ordered an inquiry into the data loss, which involves up to 5,000 prison staff. The hard drive is said to have gone missing in 2007, but the prison service was only told of the loss two months ago.

Straw is angry that he was only informed of the problem last weekend through newspaper tip-offs. The Ministry of Justice believes the missing data remains "somewhere on EDS premises".

EDS has not commented on the disk's likely whereabouts.

Straw said, "I've ordered an urgent inquiry into the circumstances and the implications of the data loss and the level of risk involved.

"I have also asked for a report as to why I was not informed as soon as my department became aware of this issue."

Andrew Clarke, international senior vice-president at Lumension Security, said, "It's a sorry state of affairs when newspapers are informing the government of a data loss. It's extremely worrying that the justice minister remained blissfully unaware of this latest situation. How many more does he not know about?

"The only way to prevent data loss from removable devices is to take control of inbound and outbound data from all endpoints and encrypt it."

The loss is the latest in a string of high-profile incidents to have affected government departments. The losses come as the government prepares for the impending roll-out of its national identity card scheme, with foreign nationals the first to be issued with cards in November.

Privacy campaigners said the data losses demonstrated the government could not be trusted to keep citizens' data safe on a national identity card database.

Government data losses >>

Organisations failing to secure consumers' personal data >>

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close