Pension details of 109,000 members on stolen laptop

A laptop which contained the personal details of 109,000 pensioners in the UK has been stolen, according to an article from the BBC. The laptop was stolen from an office in Buckinghamshire, and was not encrypted, although it was protected by a password, the Pensions Trust said.

The office was owned by NorthgateArinso, who provide the Pensions Trust with software.

The Pensions Trust made a press release regarding the incident, and in it said "we can confirm that a laptop containing some confidential data of The Pensions Trust's has been stolen from the Marlow office of our external software providers, NorthgateArinso."

"The view of the police and NorthgateArinso is that this was an opportunistic theft and that the laptop itself was the thief's target. NorthgateArinso has assured us that the data was password protected and as such, not easily accessible."

The theft has been reported to the Information Commissioner, as well as CIFAS, the UK's fraud prevention service. In addition, each pensioner has had a letter sent to them explaining the situation.

According to the BBC article, the database contained the names, addresses, dates of birth, employers, national insurance numbers, salary information, and even bank details for members who were actually receiving pensions. This is the latest in a string of confidential data losses that the government has faced, although in this case the incident took place at an external company's office. The laptop was stolen on 23 March, presumably kept quiet as a security precaution.

Report a problem with article
Previous Story

Time Warner confirms AOL spinoff plans

Next Story

PSP-GO a go? Slim PS3 real?

29 Comments

Commenting is disabled on this article.

As a Security Manager, one of the biggest problems is financing technologies such as encryption. Most businesses know the risk, but they still put it to the back of the queuedue to the cost of implementation.

Laptop users still have a responsibility to keep their device secure and quite often its down to them being lazy.

Perhaps the only benefit is its one of many problems that keep people like me employed

yes there is software that does escatly that, IIRC most modern dell laptops have a tracking feature built into the bios. the dell inpiron 1300 i used to own had this feature.

even if the software was given to them for FREE i doubt they would use it. this is our data the have in their hand and if they cant protect it properly then some thing has to be done about it.

who here would leave the door to their home unlocked when they leave and not bother to enable the alarm system that was already fitted when you moved. ?

CheeseFart said,
doesn't stop a person from removing the hard drive and using an external case

whats that got to do with anything, if the damn hdd was encrypted the data on hdd would be totaly useless to the person who stole it.

their are FREE tools available to download from the internet that encrypt a users HDD so there is no excuess in todays socioity.

its just lazy ass end users who dont bother to use them, even a windows xp login pass word isnt enough to protect the system.

thinking back to the artical they said it was protected with a password well most of us here would know how to get around that small problem. That is not
what id call adequate security.

Isn't there software available that tracks the laptop via a wireless access points the moment it is turned on (without the need to log-on)? I am sure I have read about stuff like that. Maybe something to invest in for laptops that contain vital information.

now you see the fuss about this 'big brother' society that people seem to be talking about?
id cards, databases, monitoring, etc...

getting more and more data != keeping the data secure

Think the goverment should actually hire people that know a thing or two about IT, saying its ok we use a password is the stupidest thing I've heard.

The goverment keep track your cars, give you ID cards, moniter internet usage etc. Then when we object they say it's ok the data is safe. Sorry there is more chance of believing pinocio.

AGAIN, this is the what, 15th time this has happened to the government and all they have on it is a 'password'. Oh **** it could be an access password for all we know which can be viewed without even having to crack it, seeing at they are probably still using office 2000.

They do NOT learn, the entire government system needs to be scrapped and replaced.

EDIT: I just read the post above me, "a microsoft Access password? LMAO", haha, so true! =P

Why can't they store the data on a remote server and access it over a vpn :/

becasue that would reqire the person asscessing the database to havemore than 2 brain cells. + it means havging to "train the monkey" and that costs money, money which isnt there to spend becasue the loca MP spends it on light bulbs and a morgage he / she "forgot" had been paied for.

information like this needs to be kept off portable computers and properly incrypted why this data wasnt is something of a Joke and who ever was responsible for the data on that laptop needs to be fired.

they said the data was password protected, what with exctly? a microsoft Access password? LMAO

Popcorned1 said,
That's logical


...and there's your answer. Governement and logic can't be used in the same sentence.

But that's exactly right. A laptop is not the place to keep 100K+ records--why were they there to begin with?

aarste said,
Cos UK bandwidth is slow and costly? LOL.


Bandwidth has little to do with it. You leave the data on the server and get the server to do the work for you. If you have to pull the data down to your machine (100K records at a time), you're doing something wrong.

thing is, they probably aren't willing to implement/come up with a better solution, as it would cost money...although they could have at least encrypted it I suppose, to slow down any potential cracking attempts.