Tuesday, December 02, 2008

6.2 million RAF Personnel documents stolen

The Ministry of Defence have admitted, in response to a Parliamentary question, that in August 2008, three USB portable hard drives were stolen from a "secure computer facility at RAF Innsworth". The incident happened sometime between 22 August and 17 September 2008. The contents of the stolen drives "6.2 million documents containing an archive of RAF personnel information".

Clearly the "secure facility" is not that secure. Mind you it could be that the theives used a stolen or lost security pass in order to get in. Either way, an archive of 6.2 million personnel documents is now out there.

One hopes that it has been deleted and the theives had no ulterior motive. If a list like that fell into the hands of terrorists then that would be a wealth of useful information for what would be considered "legitimate targets".

I would've thought such a fresh and recent admission of not just a security breach in a "secure facility" but also the loss of exceptionally sensitive data would have got some coverage, although I guess it did come about on the same day the Damien Green mess kicked off.
Source: Hansard

8 comments:

Anonymous said...

http://www.mirror.co.uk/news/top-stories/2008/09/26/safety-fears-for-50-000-raf-staff-after-personal-files-are-stolen-115875-20754809/

dizzy said...

What was the search termf or that? I did have a quick look but couldn't find anything. Strange it is only in the Mirror.

Unixman said...

It seems that when the RAF moved out (Innsworth is now Army) stuff was put into storage. Guess that is when it disappeared ...

Henry Crun said...

I suspect that the thieves were probably more interested in the hardware than they were on the data on the disks.

Letters From A Tory said...

Makes you wonder about the 'secure facility' that the new ContactPoint database will no doubt be stored in, with all the details of every child in the country just waiting to be stolen.

Anonymous said...

nexis picked it up - made a fair bit at the time... don't think they admitted 6.2m docs before tho

Anonymous said...

dizzy

My husband is a former serving member of the RAF, after this hit the headlines he e-mailed the RAF asking if his information was included.Their reply was this:

"As you are no longer serving with the RAF we need to ask you to write to us and provide verification of your identity and address.
Along with your request please enclose photocopies of any two of the below.

-photocopy of the page of your passport with your photograph on it.

-photocopy of your driving licence (both card and paper counterpart).

-photocopy copy of a recent utility or other bill, such as a mobile phone bill showing your home address. We do not need to see the details of the bill, just the address

-letter from your employer confirming your home address.

-photocopy of any letter from a body such as your bank, building society or council showing your home address. We do not need to see the contents of the letter, just the address.



Please note that no original documents should be sent and any photocopies of documents that are sent in will be destroyed by us once we have determined your identity. "


My Husband was rightly distgusted

he replied:

"I am very reluctant in providing more personal and financial data when you have already proven that you cannot be trusted with what you already have!"

Says it all about government data don't you think!

T England said...

I found this story in Computer weekly.