The Ministry of Justice has reported nine data-breach incidents which may affect around 45,000 people.
According to a report, the Ministry suffered a breach in June 2007 when discs containing 27,000 supplier records were shown to ‘a representative of a newspaper'. Although the Ministry has claimed that "the data was not lost or stolen but some examples were shown" it has defended itself by saying that all the data, including supplier names, addresses and, in some cases, bank details, was subsequently recovered or destroyed.
The eight other breaches included the loss of three laptops, one lost in January 2008 contained data on 14,000 fine defaulters, including the subjects' names, dates of birth, addresses, offences and, in a fifth of cases, national-insurance numbers. The laptop was described as inadequately protected and was lost within secured government premises.
In September 2007 a laptop was lost outside government offices and affected only 13 people who were applicants for judicial office and the details included their suitability for that office.
Further, four incidents involved the loss of paper documents and three data losses at the Department for Work and Pensions.
Cabinet secretary Sir Gus O'Donnell, said: “This area will continue to demand significant senior management attention. The agencies plan more internal reviews to support further measures for enhancing the effectiveness of their data-security frameworks.”
The document, a cut-down version of the full, secret report, also states that the agencies formally reported ‘no protected personal-data-related incidents' in the last financial year, and that, in previous years, the agencies had focused on reporting incidents relating to national security. The security and intelligence agencies said they will carry out work to improve their information security.