|  Home   |  Forums   |  News   |  Blog   |  Reviews   |

April 2, 2010

Barnet council in hair-raising USB stick security breach

Bookmark and Share

by Darren Allan

Another UK council has been involved in an embarrassing data leak incident.

This time around it’s Barnet council, and what’s worse about this particular incident is that it’s data pertaining to children which was involved.

Specifically, the records of some 9,000 youngsters, containing information such as names, dates of birth, postcodes, phone numbers and details related to their education

Apparently an employee at the council had copied said records in an unencrypted form onto a USB stick, and some CDs, which they took home.

The data was then stolen during a burglary at the council employee’s home in early March.

The employee in question has reportedly been suspended for breaching the council’s rules prohibiting saving unencrypted information onto USB sticks.

Barnet council has taken action to tighten up its security, by disabling USB ports and any access to external storage devices so such unauthorised file copying won’t be able to happen in the future.

The council has also ordered that all computers leaving the office will have to have their data encrypted from now on, and it’s launching an independent review into the whole issue of how its data is managed.

A statement from Barnet council said: “We believe that the risks associated with this data loss are very low.”

“The advice we have received from the police indicates that this was an opportunistic burglary looking for high-value items rather than specifically to steal data. This assessment of the risk has involved taking advice from the police and staff trained in safeguarding children from within the council.”

“Our safeguarding team felt there may be risks associated with the potential identification of one child. This issue has been dealt with.”

Pretty soon these sort of data breaches are going to be whacked with big fines, as the Information Commissioner’s Office will be dolling out penalties of up to £500,000 for “serious” breaches of the Data Protection Act.

Story link: Barnet council in hair-raising USB stick security breach

Discuss this in the Techwatch Forums

Related news to "Barnet council in hair-raising USB stick security breach"

1 Comment »
  1. It’s just pathetic how these people, who are entrusted with people’s private information cannot even do a simple Google search for “encrypted memory sticks” for example and buy some.

    Perhaps the £80 or so which they cost is too high for them.

    But wait, there are free highly secure solutions to! Perhaps searching for “free encrypted memory sticks” to too complex for them.

    Comment by BinarySoldier — April 2, 2010 @ 2:40 pm

Leave a comment

Previous: «
Next: »

Visited 1012 times, 3 so far today