Navy laptop stolen with details of 600,000

Gaz the "Taff"

Well-Known Member
Joined
Jan 18, 2008
Posts
79
Reaction score
0
Just seen this,
The personal details of 600,000 people have been lost after a laptop belonging to a Royal Navy officer was stolen, the Government revealed tonight.

The laptop, stolen from the officer in Birmingham on the night of January 9, contained personal information from people who had joined up to the Royal Navy, Royal Marines and Royal Air Force and from people who had expressed an interest in joining. Entries on the computer included passport details, National Insurance numbers, drivers’ licence details, family details, doctors’ addresses and NHS numbers, the Ministry of Defence (MoD) said.

“The stolen laptop contained personal information relating to some 600,000 people who have either expressed an interest in, or have joined, the Royal Navy, Royal Marines and the Royal Air Force,” an MoD spokesman said. The MoD added that it was urgently writing to around 3,500 people whose bank details were included on the database. Police are investigating the theft.

It marks the latest data protection disaster for the Government, after eight NHS trusts were reported to have lost 168,000 patient details in December. In addition, in the same month, the personal details of three million learner drivers were revealed to have been lost in the US state of Iowa. That followed an even more embarrassing saga in which 25 million child benefit claimants' details were lost in November by HM Revenue and Customs.

Its amazing that theres 600,000 in the Navy in the first place *text deleted* and to have that many on your laptop is rediculous no matter what the reason. Dont know about you, but every *text deleted*ing where somones loosing sensitive info :roll:
 

Ninja_Stoker

Admin
Joined
Jul 10, 2007
Posts
35,044
Reaction score
16,678
Yep, it's been known about for a day or so.

My own view is that someone has confessed, but failed to realise that the data isn't actually on the laptop, but on a central database, when the laptop is connected to it.

Possibly I'm wrong, but time will tell.
 

blocky

Valuable Contributor
Joined
Jan 16, 2008
Posts
455
Reaction score
0
erm... im from birmingham and 2+2..... HEY! i might be on there!!
 

Ninja_Stoker

Admin
Joined
Jul 10, 2007
Posts
35,044
Reaction score
16,678
Gaz the "Taff" said:
Its amazing that theres 600,000 in the Navy in the first place *text deleted* and to have that many on your laptop is rediculous no matter what the reason. Dont know about you, but every *text deleted*ing where somones loosing sensitive info :roll:
Apparently, there's more than 250 000 people working for Tesco in the UK compared to the RN/RM which is far less than one sixth of that number.

Provisional figures show that as at 1 July 2007, the total trained strength for the Royal Navy was 94.7 per cent manned against a target of 36,720.

Don't always believe what you read in the press.
 

jamie.english

Valuable Contributor
Joined
Nov 14, 2007
Posts
354
Reaction score
0
Ninja_Stoker said:
Yep, it's been known about for a day or so.

My own view is that someone has confessed, but failed to realise that the data isn't actually on the laptop, but on a central database, when the laptop is connected to it.

Possibly I'm wrong, but time will tell.
I agree with you on this one. Data wouldn't be sorted on the laptop itself. That would be stupid. I bet 50 quid that it's on a server... and when you connect the laptop to the server, you can access it.

So it's just a laptop that went missing, technically.
 

GreyWing

Nobody
Joined
Feb 21, 2007
Posts
5,426
Reaction score
3,789
Thing is with the media and this soft Government, I have heard everyone blamed from the Defence Secretary to the Individual Officer, but no sod is blaming the scroat that broke into his car.

People should be able to leave laptops in their car, what is wrong with that. Perhaps if this government did their job, then people would be able to leave things in their cars without fear of being stolen.

I bet whoever has done this, has been in front of the courts at least 5 times for similar offences, that is 5 times this Government and Justice system has had chance to deal with thief, so wouldn't heap all the blame on this Royal Navy Officer for leaving it in his car.

All the best

GW
 

Chris5818

Valuable Contributor
Joined
May 31, 2007
Posts
192
Reaction score
0
Well recieved a letter this morning explaining my details were on there, Address, NI Number, Passport Number, Doctors Address, Employers etc etc.

Although there is supposedly 600,000 applicants deatils on the laptop and it was probably stolen by some *text deleted* looking to make a few bucks, it does make think there could be a 0.01% security risk to yourself and your family, as even the letter does go on to explain the risks.

Happy days
 
Joined
Oct 12, 2007
Posts
21
Reaction score
0
Its amazing that theres 600,000 in the Navy in the first place
There aren't, probably not even a tenth of that in Labour's Coastal Defence Force. The disc contains the details of everyone who's ever ENTERED THE PROCESS of joining the RAF, RN & RM in the last 10yrs (according to the newspaper i read). So it includes all the people who didn't get in as well. So you've got 40-50'000 serving in the RAF, lets say the same in the RN, thats ~100000, just with the people who are serving today. Then you've got all the people who've finished their service, lets say average service of 5 yrs, so there's another 100000 easy, plus all the people who showed an interest and didn't get in. Then you've got your reserves on top of that, which i don't think are included in my estimates of the RAF/RN's trained strength???

They haven't got account details - whoop-de-do - with the details they have they can set up new credit accounts in your name piece of *text deleted**text deleted*, which is much better as then they wouldn't have to contend with the limit of your money. The list is worth potentially £1billion in theft alone, so every Tom, Dick & Hank who's stolen a laptop in the Birmingham area last month will be checking their SWAG. Not to mention the serious security risk posed by having the identities of members of the armed forces out in the open.

At the end of the day, the officer in question has displayed total incompetence, but then again I don't think for a second the RN sends its best officers to the AFCO's, so i wasn't at all surprised. The fact is he shouldn't have been put in that position in the first place. The armed forces have no need of your passport number/national security/driving licence no's whatsoever until they have accepted you and need to security vet you. Like all these agencies they set themselves up for this sort of thing, there's too much info flying around - your details are sitting in someone's car boot FFS.

There's more than a 0.01% chance mate, if it was 0.01% you can bet they wouldn't have said anything about it. They're *text deleted**text deleted*ting it, afterall what will they do when the frauds start, arrest the RAF/RN? They're going to have to pay the damages aren't they.


I'm on it and i'm peeved by the way...
 

blocky

Valuable Contributor
Joined
Jan 16, 2008
Posts
455
Reaction score
0
cant believe i spoke to the guy... he was really posh... he went to me. the reason im not in my uniform is that is has been stolen from my car. and i thought nothing of it and now i find out the bloody laptop was in the car aswell... jesus christ
 

GreyWing

Nobody
Joined
Feb 21, 2007
Posts
5,426
Reaction score
3,789
At the end of the day, the officer in question has displayed total incompetence, but then again I don't think for a second the RN sends its best officers to the AFCO's, so i wasn't at all surprised. The fact is he shouldn't have been put in that position in the first place. The armed forces have no need of your passport number/national security/driving licence no's whatsoever until they have accepted you and need to security vet you. Like all these agencies they set themselves up for this sort of thing, there's too much info flying around - your details are sitting in someone's car boot FFS.
I'd have to disagree with most of this Sherminator, The RN Recruitment staff are some of the best guys in the Royal Navy, the Royal Navy aren't silly, and they aren't going to let just anyone select the next generation of servicemen and women. They have to go through one hell of a selection process to get that job.

With regards needing your passport and other documents at an early stage, the process to get you to a security check, costs many £x,xxx's and if they can rule out ineligible people at the first instance, then they are going to save a lot of time and money by doing so. Especially with so many people in this country today who aren't eligible.

But if anyone thinks that this is the best way fraudsters can get your details, they are wrong. Serious fraudsters work in your banks and in government departments, they don't need to steal laptops to get your data they are on the computer in front of them.

One thing that has come out of it, is that my bank now calls me whenever something is debited from my account from a new source. So if anything my bank is heightened the security on my account.

I understand you are a bit p'ssed Sherminator, but if you only knew what really goes on in banks and government departments such as the department for work and pensions, you'd tear your hair out. Personally I don't think any serious fraudster would touch this disk / laptop, a pattern will emerge if they try to use the data, and whoever gets caught with this, is going to do some serious time. Someone's made the government look daft, and when that happens, someone does time.

All the best

GW
 

Plummy

Valuable Contributor
Joined
Sep 13, 2007
Posts
259
Reaction score
0
well yeah and erm i think greywing covered it *text deleted*:joint:
 
Joined
Oct 12, 2007
Posts
21
Reaction score
0
I'd have to disagree with most of this Sherminator, The RN Recruitment staff are some of the best guys in the Royal Navy, the Royal Navy aren't silly, and they aren't going to let just anyone select the next generation of servicemen and women. They have to go through one hell of a selection process to get that job.
I disagree with your reasoning:

Firstly if I was the RN I'd have my best officers on the most serious postings, i.e. the submarines, aircraft carriers, command HQ's etc. The regional recruitment officers are bit-part players, all they do is decide who goes to the AIB, it's the AIB who select the next generation of officers. The regional guys just root out the total undesirables like me! I can believe competition is quite fierce for the position though - anyone who's had enough of going to sea has found their calling!

With regards needing your passport and other documents at an early stage, the process to get you to a security check, costs many £x,xxx's and if they can rule out ineligible people at the first instance, then they are going to save a lot of time and money by doing so. Especially with so many people in this country today who aren't eligible.
So why not just have me produce the documents for the officer and have him sign to say I've got them? Why do they need to store details? I don't think there's that many people with fake passports trying to join the RN Greywing!! Your security checking exists to catch the liars anyway, not the AFCO.

But if anyone thinks that this is the best way fraudsters can get your details, they are wrong. Serious fraudsters work in your banks and in government departments, they don't need to steal laptops to get your data they are on the computer in front of them.
So you think it's better for a fraudster to get a government job, where the trail leads back to them and they are liable to be traced eventually, than to have a un-tracable rogue collection of data?


One thing that has come out of it, is that my bank now calls me whenever something is debited from my account from a new source. So if anything my bank is heightened the security on my account.
It is not a good thing that this data has been stolen and you're not going to convince me otherwise.

I understand you are a bit p'ssed Sherminator, but if you only knew what really goes on in banks and government departments such as the department for work and pensions, you'd tear your hair out.
No doubt.

Personally I don't think any serious fraudster would touch this disk / laptop, a pattern will emerge if they try to use the data
What pattern? How do you propose to trace this data even if someone was using it? They are stating that data has been LOST, not comprimised, therefore the data is on the laptop. There's no need to connect to the internet or any central database, it's physically on there, so the chance of being caught from the computer is zero. How are you going to go about monitoring the financial acitivities of 600000 people to dicipher any kind of pattern?

whoever gets caught with this, is going to do some serious time. Someone's made the government look daft, and when that happens, someone does time.
Where do you think this is, Russia?! We can't just send the guy to the gulag even if we do catch him. This is no longer a military investigation and the military no longer has any authority. They've dropped the ball and it's a civil police matter now. The person who nicked the laptop will face the penalty for nicking a laptop. Should a person use the data on there for fraud they will face the penalty for fraud. The fact it's a military database is irrelevant. The only people the MoD could crucify over this is people within the military, such as your AFCO buddy, and thats not going to achieve anything.
 

blocky

Valuable Contributor
Joined
Jan 16, 2008
Posts
455
Reaction score
0
oh dear your going to be flamed by ninja_stoker Sherminator.... good luck hehe !
 

Jas

Valuable Contributor
Joined
Aug 19, 2007
Posts
201
Reaction score
0
I too got a letter in the post today saying my details were on that laptop. :rolleyes:
 

caboose

Member
Joined
Jan 7, 2008
Posts
17
Reaction score
0
also i received a letter from the MOD saying my personal details most likely where on the laptop... dang
 

GreyWing

Nobody
Joined
Feb 21, 2007
Posts
5,426
Reaction score
3,789
I disagree with your reasoning:

Firstly if I was the RN I'd have my best officers on the most serious postings, i.e. the submarines, aircraft carriers, command HQ's etc. The regional recruitment officers are bit-part players, all they do is decide who goes to the AIB, it's the AIB who select the next generation of officers. The regional guys just root out the total undesirables like me! I can believe competition is quite fierce for the position though - anyone who's had enough of going to sea has found their calling!

Firstly if I was the RN I'd have my best officers on the most serious postings, i.e. the submarines, aircraft carriers, command HQ's etc. The regional recruitment officers are bit-part players, all they do is decide who goes to the AIB, it's the AIB who select the next generation of officers. The regional guys just root out the total undesirables like me! I can believe competition is quite fierce for the position though - anyone who's had enough of going to sea has found their calling!.
I seriously suggest you have a look at the recruitment process for the position of Careers advisor. It's one of the most serious jobs in the whole of the RN, because who do you think selects the people of what you call important jobs of i.e. the submarines, aircraft carriers, command HQ's etc the Careers advisor precedes any of these, for the simple reason it is them that filter people for these positions. It's simple, bad careers advisor, more chance of having a bad submariner, a bad sailor on a aircraft carrier, a bad commander. Perhaps you think people on the AIB are just people who have had enough of going to sea and have found their calling. But it is easy to criticise everyone from the sidelines, so may I ask what your calling is or has been.

So why not just have me produce the documents for the officer and have him sign to say I've got them? Why do they need to store details? I don't think there's that many people with fake passports trying to join the RN Greywing!! Your security checking exists to catch the liars anyway, not the AFCO.
Well for one reason I imagine it is a criminal offence to produce fake documents, should it later be found out at the security checking stage that the documents provided to the Careers Advisor in the early stages, were false. The photocopies and reference numbers taken, can be given in evidence in any prosecution, and you can't just prosecute someone on the say so of a careers officer standing in court saying "He showed me his ID" That's just one reason off the top of my head but I am sure there are more. Although I have no idea if the any documents were scanned into someones laptop, I doubt it, I'd say they were probably just reference numbers.


So you think it's better for a fraudster to get a government job, where the trail leads back to them and they are liable to be traced eventually, than to have a un-tracable rogue collection of data?
Never said anything of the sort, What I said was the risk of you being defrauded from a person stealing a laptop from a car compared to someone working in a bank, is very small.

It is not a good thing that this data has been stolen and you're not going to convince me otherwise.
Never set out to convince you, what I tried to do was stop you putting others on this site into some kind of hyper panic about their details being thrown about the country. I have worked in Banks and solicitors offices, I know where fraud happens and this theft probably covers a 0.1% risk of anyone's details on this laptop being used fraudulently.


What pattern? How do you propose to trace this data even if someone was using it? They are stating that data has been LOST, not compromised, therefore the data is on the laptop. There's no need to connect to the internet or any central database, it's physically on there, so the chance of being caught from the computer is zero. How are you going to go about monitoring the financial activities of 600000 people to dicipher any kind of pattern?
Any fraudster is going to apply for credit, there are 3 main credit data companies in the UK. Details of people on the laptop have been supplied to these companies. These companies have excellent fraud detection systems and will flag up any pattern emerging with regards a influx of applications for credit. Including one of the most common fraud patterns of changing addresses. The bank accounts of these people on the laptop have also been alerted and any suspicious transactions are being queried before authorisation. Remember you banking pass codes were not on that database.

After working for motor insurance in a claims fraud department when I was 19, I know exactly how a fraudsters mind works. They keep there head down and don't want publicity. Why would you want to touch this data?. About terrorists getting your card details etc, lets get real, the bank call centres in India are infiltrated to high heaven with these people.


Where do you think this is, Russia?! We can't just send the guy to the gulag even if we do catch him. This is no longer a military investigation and the military no longer has any authority. They've dropped the ball and it's a civil police matter now. The person who nicked the laptop will face the penalty for nicking a laptop. Should a person use the data on there for fraud they will face the penalty for fraud. The fact it's a military database is irrelevant. The only people the MoD could crucify over this is people within the military, such as your AFCO buddy, and thats not going to achieve anything.
I don't write this because I have friends in the AFCO, I would say the same about the Army and RAF Careers guys, it's simply called respect.

No I don't think it is Russia, I wouldn't want it like Russia, but it doesn't mean I like things as they are. Never said the military have any jurisdiction of any prosecution. No one has said that the situation is ideal, but worse has been done in the past that me and you have never heard of.

If you think the government can't bring down pressure on the judiciary to enforce a harsher penalty for anything crime in relation to this event, you need to look again. The government has channels to put pressure on anyone caught with this and that is why anyone with any brains won't touch it.

GW
 
Joined
Oct 12, 2007
Posts
21
Reaction score
0
Well I've read what you've put and I'm just going to have to agree to disagree with you GW. I do think you've drastically under-estimated the value of this kind of data. I'm sitting here shredding all my correspondance like a prat while they're giving it away!

Now I'm not trying to send people into a panic and i'm not in one myself (I wouldn't expect people on this particular site to get into a panic to be honest), you just take it on the chin. As you say the information is all over the place, if you really want to get it you can. It's not so much that data has gone missing, this data is going missing all the time right now - it's more who has lost it. You simply expect better from the armed forces, although this isn't the first time their laptops have gone walkies - I believe some higher-ups have done it as well in the past.

I think i'm right in saying leaving laptops in cars is a breach of protocol and unfortunately for the guy he's been unlucky and the rammifications are reasonably serious. Now my personal opinion is he should be discharged...I know you don't agree with that, but it's not the civil service and I expect the military to set a higher example.

Lets not argue these points anymore since we just disagree. However I would be interested to know what punishment, if any, you think should be doled out to the officer in question?
 

Ninja_Stoker

Admin
Joined
Jul 10, 2007
Posts
35,044
Reaction score
16,678
Firstly if I was the RN I'd have my best officers on the most serious postings,
Completely agree.

However as if by magic you're not in the RN or any other armed force yet.
My guess is that you were in the UAS, URNU or OTC, which explains your considerable expertise on all things military.
 

GreyWing

Nobody
Joined
Feb 21, 2007
Posts
5,426
Reaction score
3,789
Agree to disagree is fine Sherminator,

But I haven't underestimated the value of the data, I think you have over estimated the security of other organisations to keep your data secure.

On the punishment side of things, what would I give the officer, none!

Do the government put pressure on these guys to work from home?
If so, does this government give them the correct encryption software for their work?
Why is the Government / Ministry of Defence even allowing 1 person to carry any more than 5,000 records?
Why is data not sent from one secure public building via a secure ftp, via usernames and password?
Did this individual even know the laptop had any data on it?

We simply don't know enough about the situation to be judging anyone. There will be an enquiry, how deep the enquiry will go is very important. If it turns into a scapegoat enquiry then we will be back here this time next year with exactly the same problem in another department.

Sometimes employers (civil as wel as well as Government) expect staff to get the same results with less provisions, this leads to corners needing to be cut. They can't just wash their hands of it when they do what they tell them.
 
Top