Another month, another high profile government data breach. This time the blame lies with a contractor, PA Consulting, which mislaid a USB storage device containing unencrypted data on the entire population of the
According to a Home Office spokesperson, amongst the data were the home addresses of 30,000 repeat offenders and 10,000 “prolific and priority offenders.”
The data came from the government’s JTrack system, which allows police to monitor the whereabouts of convicted criminals and for which PA Consulting provides support. The breach lends weight to research conducted by Verizon Business that found that business partners and outsourcers are the number one data security threat.
PA Consulting informed the Home Office that it had lost the data on Tuesday. The Home Office contacted police yesterday.
Ironically, PA Consulting was in 2004 selected as consulting partner for the government’s controversial ID card scheme.
High profile data breaches such as the above are seen by ID card opponents as evidence that the government cannot be trusted to run an identity database, while proponents argue they underline the need for a centrally-managed identity control system.
Further reading
Vast scale of illegal data trade exposed in Germany
The business partner risk
Business partners should be regarded as the greatest security headache, according to recent research
The return of the ID card debate
The UK government’s embarrassing loss of 25 million citizens’ personal details has reignited the ID card debate
Find more stories in the Security & Continuity Briefing Room