List of UK government data losses
From Wikipedia, the free encyclopedia
The following is a list of UK government data losses. It lists reported instances of the loss of personal data by UK central and local government, agencies, NDPBs, etc., whether directly or indirectly because of the actions of private-sector contractors. Such losses tend to receive widespread media coverage in the UK.
-
This list is incomplete; you can help by expanding it.
| Date | Department | Number of records lost |
Narrative | References | |
|---|---|---|---|---|---|
| 2008 | November | Department for Work and Pensions | n/a | USB memory stick, apparently encrypted and containing passwords for an old version of the Government Gateway, a website giving access to millions of records of personal data. | [1][2] |
| 2008 | October | Ministry of Defence | 1,700,000 | Hard drive being held by contractor EDS is found to be missing. | [3] [4] |
| 2008 | September | Service Personnel and Veterans Agency | 50,500 | Three USB portable hard drives with details of staff are allegedly stolen from a high security facility at RAF Innsworth. The Agency holds records on 900,000 current and former personnel. Stolen records included sensitive information about the private lives of senior staff. | [5] [6] [7] |
| 2008 | September | Insolvency Service | 400 | Names, addresses and bank details of up to 400 directors of 122 firms were lost when four laptops were stolen from a Manchester premises. | [8] |
| 2008 | September | Tees, Esk and Wear Valleys NHS Trust | 200 | Memory stick with details of patients found in a public park. | [9] |
| 2008 | August | Home Office | 84,000 | PA Consulting lost an unencrypted memory stick containing details high risk, prolific and other offenders. | [10] |
| 2008 | August | Colchester Hospital University NHS Foundation Trust | 21,000 | A manager's unencrypted laptop holding patient addresses and treatment details is stolen from his car whilst on holiday in Edinburgh | [11] |
| 2007 | December | Department for Work and Pensions | 45,000 | West Yorkshire benefit claimants' in data lost. | [12] |
| 2007 | December | Department for Work and Pensions | 000s | CDs with personal data found at the home of a former contractor. | [13] |
| 2007 | November | City and Hackney Teaching Primary Care Trust | 160,000 | "Heavily encrypted" disks containing details of children are lost by couriers. The loss prompted the agency to implement hard drive and USB memory stick encryption systems across all PCs. | [14] |
| 2007 | November | Foreign and Commonwealth Office | 50,000 | Details of via applicants were made available on an FCO website. | [15] |
| 2007 | November | HM Revenue and Customs | 25,000,000 | Two CDs containing details of the families of child benefits claimants went missing in the post. HMRC's handling of data was described as "woefully inadequate" and staff were described as "muddling through" in a June 2008 Independent Police Complaints Commission report. | [16] [17] [18] [19] |
| 2007 | July | Ministry of Justice | 5,000 | Hard disk with details of HM Prison Service staff is lost on the premises of EDS. | [20] |
| 2007 | May | Driving Standards Agency | 3,000,000 | Hard disk with details of candidates for the driving theory test was lost in a premises in Iowa by subcontractors. | [21] |
| 2007 | May | Foreign and Commonwealth Office | 50 | Details of individuals made public after "unauthorised disclosure by a contractor" | [22] |
