UK: Lost laptop exposes thousands of pension records
John Leyden of The Register reports on the latest data protection cockup:
A lost laptop containing the personal data of 109,000 Pensions Trust’s members has sparked the latest in a growing list of information security breach alerts.
The missing machine was stolen from the offices of NorthgateArinso, suppliers of the Pensions Trust’s computerised pensions administration system, where it was was being used “as a database for development, training and performance testing”.
Data on the drive was not encrypted but it was password protected – as if that provides much in the way of reassurance. Data held on the laptop included name, address, date of birth, NI number, name of employer, salary details, name of and relationship to nominees and, for those drawing a pension, bank account details.