Wednesday 1 April 2009

Pension data was on stolen laptop

A laptop and CD
Deloitte says the laptop was stolen in a public place

A laptop containing personal details of at least 100,000 pension scheme members has been stolen from an employee of the accountancy firm Deloitte.

The computer held data including names, National Insurance numbers and salaries of Network Rail and British Transport Police pension scheme members.

Deloitte said there was a "very low risk" of the details being accessed.

The theft, last month, came to light as the Ministry of Defence confirmed data on 100,000 personnel had been lost.

Deloitte said it had notified police of the theft, which occurred in a public place, and informed its clients - including BSkyB - which had contacted all affected scheme members.

No addresses or bank account details were stored on the machine, Deloitte said.

In a statement, the company said the laptop was protected by a number of security measures, including start-up and operating system passwords and data encryption.

It said the theft had happened despite employees being issued with guidelines to pay close attention to their laptops in public places.

Security controls

"We believe that the likelihood of unauthorised access to the data held on this laptop is remote due to the opportunistic nature of the theft and the security controls," the statement read.

A spokesman for Deloitte said the firm did not want to say where the theft took place, because it wanted to reduce the chance of the thieves realising what they had taken.

James Jones, education manager with the credit reference agency Experian, said the data on the laptop would not be very useful to anyone trying to commit identity fraud.

"Your National Insurance number is no use at all for identity fraud," he said.

"The building blocks in the UK of identity are name, date of birth and address - with that information you can probably crack everything else."

Those affected by this laptop theft would have to suffer other data losses to be at risk, he added.

The Ministry of Defence (MoD) had earlier confirmed that a hard drive containing more than 1.5m pieces of information, including details of 600,000 potential recruits, was recorded as missing during an audit.

It was being held by the MoD's main IT contractor, EDS, and may also have held bank and driving licence details, passport numbers, addresses, dates of birth and telephone numbers.
Posted by Scott Dobson at 11:06
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)