UK: Security scare as council loses memory stick containing medical info and access codes to the homes of thousands of vulnerable people

The Daily Mail reports:

A council has lost a memory stick containing home security codes and medical information for thousands of elderly people.The data device holds the medical details on 4,000 people looked after by Leicester City Council support service as well as 2,000 key codes which can be used to gain access to their homes.

The codes, used by LeicesterCare, the council service that supports vulnerable people, open outside boxes that contain keys to people’s front doors.

The council launched an operation to reset all the codes after admitting they lost the data more than two weeks ago in a massive security breach.

The memory stick, used to back up information on council computers, was supposed to be locked in a safe every night.

But council staff reported it missing to the Information Commissioner’s Office (ICO) on March 9 – four days after it disappeared.

Read more on Daily Mail. It’s not totally clear to me whether the data were encrypted or otherwise adequately secured. On the one hand, they’re notifying everyone and changing access codes, which suggests that it’s not encrypted. But there’s also this statement in the story, attributed to a council spokesperson:

‘However, while we have been assured by our supplier the information on the device is not accessible to anyone who may find it, we are taking every precaution and we are urgently carrying out changes to the keysafe codes of around 2,000 users.

About the author: Dissent