Loss of RAF Data
 

MOD confirms loss of recruitment data

:\

That is serious information according to the link. Was it encrypted? Password protected? Lets hope the laptop was stolen by a junkie just wanting £20 for his next fix, and that the data has been wiped.

So that will include details of AA Junior, and a fair few posters on the OASC thread. Luckily AA Junior is not yet 18, so applications for credit cards in her name won't get very far.

600,000 names/details ??

I just wonder how far that will go back 5 - 6 years or more ??

Won't affect me, they were still using quills and parchment when I joined ( thought I'd say it before anyone else did :) )

I'd be more concerned about the information falling into the hands of unfriendly nations or terrorist organisations. I'm sure that data would be very valuable to certain undesirable outfits.

My laptop has an encrypted hard drive. A real b:mad:r to use. So difficult in fact that the login and password routine stay with the laptop.

Now in that is not a bad thing, provided they are held separately from the laptop when in an insecure area.

Now of course it would never have been in the laptop case with the laptop. Would it?

If it wasn't in the case then I am sure he would have kept it secure in his briefcase and not left that in the car with the laptop. He would wouldn't he?



bets?

Just shown my daughter the link. It is almost certain her full details are in that laptop somewhere. She is not happy.

I gave her plenty of moral support by taking the pi$$ out of the Navy and the incompetence of leaving such an item in a car in Birmingham. I did, of course, forget to mention the GW1 Wg Cdr Laptop incident.

Seriously though, my daughter’s information will almost definitely be there so if anybody has any more gen or advice please PM me.

The BBCi page has been updated:

"But for those who progressed as far as submitting an application to join the Forces, extensive personal data may be held, including passport details, National Insurance numbers, drivers' licence details, family details, doctors' addresses and National Health Service numbers."

"The MoD said it was writing to 3,500 people whose bank details were on the laptop's database."

The most surprising (and uncorroberated) quote is:

"Simon Davies, from pressure group Privacy International, told BBC News 24 he was "flabbergasted". "I cannot believe that our flagship security agency (what does he mean?) cannot get this right," Mr Davies said.

"The idea that someone could have the computer with the information unencrypted - it is on a par with the HMRC loss."


You do also have to ask what kind of data-management solution is designed to enable a laptop to contain so much key data. Why does it need to be on a laptop at all? Surely some/much of the info can be held on a server and viewed over a secure link when needed?

Bl**dy priceless!!!:mad:

Well at least he will be able to raise a glass or two on his, no doubt, very forthcoming promotion.......

According to a completely reliable source, Mrs PN said that if the information was encrypted it would be a given that the encryption passwords would have been with the laptop.

PN
they are probably stuck on the laptop in Dymo tape!

Just in case you have found the laptop without the attached passwords inside just rely on the good traditional infosec tradition of using the word 'password' as this seems to be a good starter for ten on any MOD laptop I have the displeasure of using.;)

I had to remember 93 keystrokes to access mine. Never did manage it. Never used it. My efficiency improved no end.

tumeseh has it right. They made it TFD so that dymotape was the only way.

Now of course i don't have any notes on my desk with my random 21 alfa password do I?

the obvious solution is too easy for the plods.

Now I had one of my own passwords that was a simple one like:

"Oh to go down to the seas again to the lonely seas and the sky"

Try cracking that with a dictionary cracker program.

It's alright. It's not a problem at all. Apparently all the information came from JPA so none of it's accurate anyway.

Thief steals MoD laptop with details of 600,000 staff - The Mail

:ugh:

And the government wants everyone to trust them with ID card details? I think not somehow - either that policy is washed up, or this government is! Perhaps both.

Oh dear.

So the next generation of cannon fodder will be hieing into battle on the back of a lot of credit card debt run up by a man in Burundi.

Oops.

At least you now know that when you get an email from the "desk of" Jokoma Hungalunga inviting you to act for him with your bank account you will know that you definitely have been 'personally' selected and that he already has your account details!

never mind, the poor sods get to join us who's details that were "lost" on the disk that had the child benefit details on it! me thinks that this government are hanging on by a thread to any trust we may have had in the system or their ability to look after us. as for any one with brain cells, then i'm afraid we are at a complete loss. that's because not long after my details were lost i received a letter from the child benefit agency apologising that they had lost my details and were doing all they could to get them back, so imagine my suprise when at the top right hand corner of the letter were my details. i felt like writing back to them and saying " guess what i've found them!" :E


plebs the bloody lot of them :ugh:

Wasn't there a Wingco who stopped to look at a car showroom, leaving Orbats etc for Granby on a laptop in his boot? Which went awol.

I wonder if there's such a thing as a time lock for hard drives.. even with access verified, data is unobtainable for a certain time, and possibly an auto wipe facility?

Either way, this isn't good. I have opted out of the NHS records system, and I am anti ID card, not on principle, but because I don't trust g'ment to a) do its job properly and preserve my security and b) stick to its word about what the ID card will be used for.

Easy, just have a lesson at Officer Skool on not to leave laptops in cars :ugh:

I suppose handing over a laptop saves them the bother of removing an ipod until the RN spill their guts anyway!

What a complete idiot this RN officer was. I have two laptops in my charge, both encrypted; dongles and reader kept on my person and laptops are either carried with me or kept in a security cabinet when not used. Never are they left in a car unattended. Bloody simple rules that surely even this simple minded half wit could understand.

Hopeless, bloody hopeless. :ugh:

Well, before you criticise an individual you have know a bit about the circumstances - and I certainly don't! So I'm not going to comment, but it does raise interesting questions. For example, why was it necessary to have all that data on one laptop?

Was it because the individual was so overworked that he/she had to have it with him/her so that he/she could meet deadlines?

But he/she did not have it with him/her. He/she left it in the car

I'm with LFFC on this one. Will someone please tell us why someone thought it essential to have over HALF A MILLION PERSONAL DETAILS ON A LAPTOP?:eek: Sorry, but I detect a strong pong of kippers here. Something ain't right. With that amount and sensitivity of data I'd expect it to be chained firmly to someones gonads, not left in the middle of Birmingham.:confused:

Someting is not right here. According to Wikipedia:

http://en.wikipedia.org/wiki/British_Armed_Forces

The TOTAL strength of HM Forces was 429500 in 2006, and there have been reductions in numbers since then.

Also, according to the Times:

http://www.timesonline.co.uk/tol/new...cle3215887.ece

Personnel from the MOD have been caught lying in public and don't actually know the full extent of what the information taken was.

So, 170500 people MORE than there are already in HM Forces applied to join over the last decade? That would make 164 people EVERY DAY for 10 years! Or is it everybody's details who are currently serving AND 170500 (19 people per day for 10 years)?

Either way - the questions that need answering are: Why was this data held on that laptop? What liability insurance is the MOD offering everyone affected? Does the MOD even know who is affected? Is there a backup of the data?

And when does the board of inquiry convene?

With all these people wanting to join the services, why do we have such a recruitment problem? Are we being told the truth here?
P.S. Lieutenant Commanders, R.N. are omnipotent, don't you know?

That's a shame, but if they joined in the last 10 years they'll probably start getting lots of emails offering them cheap viagra pretty soon. :}

Has anyone yet had a reply from the incident team's email address? I emailed my "Am I affected?" at 1350Z, and haven't yet (1940Z) had even an automated "Query received" response. :uhoh:

Edit: automated response now received, with a timestamp of 0906Z today, Sunday.

adr

To me this means everyone currently serving, plus the recruits. It looks like a JPA data transfer.

With great respect Ed - borrocks!

You don't transfer data like that. On discs or electronically (via secure mil comms) or maybe DLT tapes or suchlike. Nope, something funny going on here.

Although having spent a fair few years in the RAF this question should be easy to answer myself) why is the information being released so vague?

Who exactly is affected by this loss of sensitive information?

Is it all enquirers and personnel who have served in the last ten years or only those who have enquired and joined in the last ten years? If its the latter then I'm alright Jack pull up the ladder as its been a bit more than 10 years ago I joined the RAF but if its those who have served within the last ten years regardless of when they joined I'm a bit less happy. Even more so as its a bloody fishhead who has dropped the ball on this one.:mad:

I thought having left the RAF late last year that that was the last of the MoD being able to screw up my life.:rolleyes:

From now on I shall switch off my computer firewall, change all passwords to something simple like 'password', set all my drives to SHARE and ensure my accounts program is up to date with full account details.

I shall also be enrolling with YouTube Nigeria.

As my information will be entirely accessible and transparent I believe it will be ultimately more secure than the Government storage as no one would believe it. :\

Just like Clarkson and his bank details, eh? Plonker (Clarkson, that is)

GF,

:)

No. More like Jasper Maskelyne; everything hidden in plain view.

Double bluff sort of thing? Brave-ish call!

GF,

With great respect I believe with the laughable way the muppets in charge handle our data security, that it was a data transfer and they thought the easist way, after the HMRC CD-Rom faux-pas would be a direct download to a portable HD then upload at the required point.

Especially with the 'tight' security of our personel data on JPA......................!

A D,
Fair call, but was it a laptop or a portable hard drive? If a HD then it's just being moved from point A to point B. A laptop implies someone wants to view the data before it arrives at its ultimate destination - er, why, if it's just a data transfer? And there is still the question of why it was left in the motor? And why that amount/sensitivity of data was put on one system? And why under the custody of just one person? And ..... and .....

And why of an f:mad:g computer in the first place?

The majority of the stuff I access - public at home and government at work - resides on remote servers. If I need something then I get that file and that file alone.

What on earth would anyone want with SIX HUNDRED THOUSAND records?

At 66 lines per A4 page that would be 9090 pages for a one line entry.

It is one mega database and you could play with it all day.

How many successful applicants bank with Barclays?
How many unsuccessful applicants were women?

etc etc.

FFS