Are 1.7m at risk over missing MoD computer?
A missing Ministry of Defence computer hard drive may contain personal details of as many as 1.7 million people who have inquired about joining the armed forces, it was revealed today.
Opposition parties warned that the information contained on the drive represented "a potential goldmine for organised crime" and could even compromise national security.
When the loss of the disc from the premises of contractor EDS in Hook, Hampshire, was first announced last week, it was thought that it carried the names, addresses, passport numbers, dates of birth, next-of-kin and driving licence details of up to 100,000 Army, Navy and RAF personnel.
But armed forces minister Bob Ainsworth today announced that further investigations had revealed it contained data relating to large numbers of people who asked for information about careers in the forces.
In a written statement to Parliament, he said: "Whilst conducting an audit of storage media, EDS found that it could not find a removable hard disc drive. Under the terms of its contract EDS is required to protect all personal information in its care.
"The hard drive had been used with the TAFMIS recruitment system and may, in the worst case, contain details relating to 1.7 million individuals who have enquired about joining the Armed Forces."
Where people simply made casual inquiries, only their name and contact numbers are likely to have been recorded, said Mr Ainsworth.
But for those who went on to apply to join up, the drive could include more extensive data, including next of kin details, passport and National Insurance numbers, drivers' licence and bank details and NHS numbers.
It was unlikely that the details on the hard drive were encrypted for security.
The minister said that the incident "illustrates the need continually to review and enhance our arrangements for personal data".
An investigation has been launched by the MoD Police and a helpline has been set up for those who may have been affected, said Mr Ainsworth.
Where bank account details are involved, banks have been informed through the Apacs system of the need for scrutiny against unauthorised access.
And he added: "The MoD is clear about the crucial need to implement wholesale improvements in how we store, protect and manage the use of personal data.
"We are also clear that we need to effect a significant behavioural change among our people at all levels. We are currently engaged in a comprehensive programme to do all of this.
"The MoD is a large department operating many complex data systems world-wide, often at very short notice and under extreme conditions. This presents additional challenges and risks in the implementation of rapid change.
"However we are determined to ensure that we effect that change."
Liberal Democrat defence spokesman Nick Harvey said: "This data loss is an absolute scandal and on a far larger scale than previously feared. It is shameful that the minister made the admission in writing and not in person to the House of Commons.
"This information is a potential goldmine for organised crime and could even compromise national security.
"In the past soldiers have been targeted by extremists. One dreads to think what might happen if this information were to fall into the wrong hands.
"It is yet another unwelcome burden for our servicemen and women to worry about, at a time when they are already under great pressure because of overstretch.
"It beggars belief that the Government cannot competently manage such a basic task. There must be an urgent inquiry into how this happened."
EDS informed the MoD on October 8 that it had discovered the hard drive was missing during an audit conducted to comply with a data handling review ordered by the Cabinet Office.
It was only the latest information security breach to hit the MoD in recent years.
In July the Ministry admitted 658 of its laptops had been stolen over the past four years and 26 portable memory sticks containing classified information had been either stolen or misplaced since January.