List of UK government data losses

Last updated July 06, 2024

The following is a list of UK government data losses. It lists reported instances of the loss of personal data by UK central and local government, agencies, non-departmental public bodies, etc., whether directly or indirectly because of the actions of private-sector contractors. Such losses tend to receive widespread media coverage in the UK.

Date		Department	Number of records lost	Narrative
2017		Heathrow Airport	2.5GB / 76 folders	Lost unencrypted USB storage device containing complete security information for Heathrow airport including badges, maps, CCTV camera locations, etc.
2015		Ministry of Defence		British Army footage and photographs of Operation Motorman were found to be missing.
2014		Foreign Office		Records of Diego Garcia flights and the UK's role in the CIA rendition programme were destroyed by water damage.
2014		Home Office	114	Files linked to 1980s Westminster paedophile ring allegations were found to be missing. (See also: Westminster paedophile dossier.)
2013		Serious Fraud Office		Documents related to the investigation of BAE Systems were lost accidentally. The data amounted to 32,000 physical pages of text, 81 tapes of audio, and other electronic media.
2013	November	Suffolk County Council		An unencrypted USB memory stick was found containing information from the county’s adult and community services department. It had internal memos and copies of e-mails about forthcoming projects – and it also had tables containing the names of clients.
2013	July	NHS Greater Glasgow and Clyde	60	A folder containing patient records was found in a car park and handed in by a member of the public.
2012		Greater Manchester Police	over 1,000	An unencrypted USB stick containing details of witnesses with links to serious criminal investigations that was being kept in a police officer's house was stolen in a burglary. The force was fined £120,000.
2012		South London NHS Trust	600	Records on 600 maternity patients and their newborn children were lost by misplacing unencrypted USB sticks.
2012	May	NHS Surrey	3,000	Computer used by the NHS was sold on auction website eBay without being properly cleansed of patient records.
2012	February	Office for Nuclear Regulation (ONR)		A memory stick containing a safety assessment of a nuclear power plant in north-east England has been lost by an official. The unencrypted USB pen drive, containing a 'stress test' safety assessment of the Hartlepool plant.
2011	February	Powys County Council		A file containing details of a child protection case was leaked accidentally. The council was fined £130,000.
2010	September	Brighton General Hospital		Hard drives containing patient data were stolen.
2008	November	Department for Work and Pensions	n/a	USB memory stick, apparently encrypted and containing passwords for an old version of the Government Gateway, a website giving access to millions of records of personal data.
2008	October	Ministry of Defence	1,700,000	Hard drive being held by contractor EDS is found to be missing.
2008	September	Service Personnel and Veterans Agency	50,500	Three USB portable hard drives with details of staff are allegedly stolen from a high security facility at RAF Innsworth. The Agency holds records on 900,000 current and former personnel. Stolen records included sensitive information about the private lives of senior staff.
2008	September	National Offender Management Service	5,000	A hard drive containing details of 5,000 employees of the National Offender Management Service was lost by EDS.
2008	September	Insolvency Service	400	Names, addresses and bank details of up to 400 directors of 122 firms were lost when four laptops were stolen from a Manchester premises.
2008	September	Tees, Esk and Wear Valleys NHS Trust	200	Memory stick with details of patients found in a public park.
2008	August	Home Office	84,000	PA Consulting lost an unencrypted memory stick containing details of high risk, prolific and other offenders.
2008	August	Colchester Hospital University NHS Foundation Trust	21,000	A manager's unencrypted laptop holding patient addresses and treatment details is stolen from his car whilst on holiday in Edinburgh
2008	January	Royal Navy	600,000	A Royal Navy officer's laptop was stolen that contained the details of 600,000 applicants and others who had expressed interest in joining the Armed Forces including both the Navy, Marines and Air Force.
2007	December	Department for Work and Pensions	45,000	West Yorkshire benefit claimants' in data lost.
2007	December	Department for Work and Pensions	000s	CDs with personal data found at the home of a former contractor.
2007	November	City and Hackney Teaching Primary Care Trust	160,000	"Heavily encrypted" disks containing details of children are lost by couriers. The loss prompted the agency to implement hard drive and USB memory stick encryption systems across all PCs.
2007	November	Foreign and Commonwealth Office	50,000	Details of visa applicants were made available on an FCO website.
2007	November	HM Revenue and Customs	25,000,000	Two CDs containing details of the families of child benefits claimants went missing in the post. HMRC's handling of data was described as "woefully inadequate" and staff were described as "muddling through" in a June 2008 Independent Police Complaints Commission report.
2007	July	Ministry of Justice	5,000	Hard disk with details of HM Prison Service staff is lost on the premises of EDS.
2007	May	Driving Standards Agency	3,000,000	Hard disk with details of candidates for the driving theory test was lost in a premises in Iowa by subcontractors.
2007	May	Foreign and Commonwealth Office	50	Details of individuals made public after "unauthorised disclosure by a contractor"
1961		Foreign Office		Many of the most sensitive documents from the UK's colonial era were destroyed under the direction of Secretary of State for the Colonies Iain Macleod.

Related Research Articles

Computer security, cybersecurity, digital security, or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

Insurance is a means of protection from financial loss in which, in exchange for a fee, a party agrees to compensate another party in the event of a certain loss, damage, or injury. It is a form of risk management, primarily used to protect against the risk of a contingent or uncertain loss.

The United Kingdom of Great Britain and Northern Ireland, commonly known as the United Kingdom (UK) or Britain, is a country in Northwestern Europe, off the coast of the continental mainland. It comprises England, Scotland, Wales, and Northern Ireland. The UK includes the island of Great Britain, the north-eastern part of the island of Ireland, and most of the smaller islands within the British Isles. Northern Ireland shares a land border with the Republic of Ireland; otherwise, the United Kingdom is surrounded by the Atlantic Ocean, the North Sea, the English Channel, the Celtic Sea, and the Irish Sea. The total area of the United Kingdom is 94,354 square miles (244,376 km²), with an estimated population of nearly 67.6 million people in 2022.

The total number of military and civilian casualties in World War I was about 40 million: estimates range from around 15 to 22 million deaths and about 23 million wounded military personnel, ranking it among the deadliest conflicts in human history.

In law, fraud is intentional deception to secure unfair or unlawful gain, or to deprive a victim of a legal right. Fraud can violate civil law or criminal law, or it may cause no loss of money, property, or legal right but still be an element of another civil or criminal wrong. The purpose of fraud may be monetary gain or other benefits, for example by obtaining a passport, travel document, or driver's license, or mortgage fraud, where the perpetrator may attempt to qualify for a mortgage by way of false statements.

In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted.

Identity theft, identity piracy or identity infringement occurs when someone uses another's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term identity theft was coined in 1964. Since that time, the definition of identity theft has been legally defined throughout both the U.K. and the U.S. as the theft of personally identifiable information. Identity theft deliberately uses someone else's identity as a method to gain financial advantages or obtain credit and other benefits. The person whose identity has been stolen may suffer adverse consequences, especially if they are falsely held responsible for the perpetrator's actions. Personally identifiable information generally includes a person's name, date of birth, social security number, driver's license number, bank account or credit card numbers, PINs, electronic signatures, fingerprints, passwords, or any other information that can be used to access a person's financial resources.

World War II was the deadliest military conflict in history. An estimated total of 70–85 million people perished, or about 3% of the estimated global population of 2.3 billion in 1940. Deaths directly caused by the war are estimated at 50–56 million, with an additional estimated 19–28 million deaths from war-related disease and famine. Civilian deaths totaled 50–55 million. Military deaths from all causes totaled 21–25 million, including deaths in captivity of about 5 million prisoners of war. More than half of the total number of casualties are accounted for by the dead of the Republic of China and of the Soviet Union. The following tables give a detailed country-by-country count of human losses. Statistics on the number of military wounded are included whenever available.

The Office for National Statistics is the executive office of the UK Statistics Authority, a non-ministerial department which reports directly to the UK Parliament.

The Three-Day Week was one of several measures introduced in the United Kingdom in 1973–1974 by Edward Heath's Conservative government to conserve electricity, the generation of which was severely restricted owing to industrial action by coal miners and railway workers.

Cannock Chase is a constituency in Staffordshire represented in the House of Commons of the UK Parliament since 2024 by Josh Newbury of the Labour Party.

Ealing North is a constituency, created in 1950. Since the 2019 general election, it has been represented in the House of Commons of the UK Parliament by James Murray of Labour Co-op.

<span class="mw-page-title-main">Uxbridge (UK Parliament constituency)</span> Parliamentary constituency in the United Kingdom, 1885–2010

Uxbridge was a seat returning one Member of Parliament (MP) of the House of Commons of the UK Parliament from 1885 to 2010. Its MPs elected were: Conservative Party candidates for 107 years and Labour Party candidates for 18 years. The closing 40 years of the seat's history saw Conservative victory — in 1997 on a very marginal majority in relative terms.

Bristol East is a constituency recreated in 1983 covering the eastern part of the City of Bristol, represented in the House of Commons of the UK Parliament since 2005 by Kerry McCarthy of the Labour Party.

The 2010 United Kingdom general election was held on Thursday 6 May 2010, to elect Members of Parliament to the House of Commons. The election took place in 650 constituencies across the United Kingdom under the first-past-the-post system. The election resulted in a large swing to the opposition Conservative Party led by David Cameron similar to that seen in 1979, the last time a Conservative opposition had ousted a Labour government. The governing Labour Party led by the prime minister Gordon Brown lost the 66-seat majority it had previously enjoyed, but no party achieved the 326 seats needed for a majority. The Conservatives won the most votes and seats, but still fell 20 seats short. This resulted in a hung parliament where no party was able to command a majority in the House of Commons. This was only the second general election since the Second World War to return a hung parliament, the first being the February 1974 election. This election marked the start of Conservative government for the next 14 years.

$<span class="mw-page-title-main">Normanton, Pontefract and Castleford (UK Parliament constituency)</span> Parliamentary constituency in the United Kingdom$

Normanton, Pontefract and Castleford was a constituency in West Yorkshire of the House of Commons of the UK Parliament. It was represented by Yvette Cooper of the Labour Party for the whole of its creation. Cooper served under the governments of Tony Blair and Gordon Brown alongside her husband Ed Balls, and served as Shadow Home Secretary under the leadership of Ed Miliband. Having served as chair of the Home Affairs Select Committee, she is once again the Shadow Home Secretary.

Classified information in the United Kingdom is a system used to protect information from intentional or inadvertent release to unauthorised readers. The system is organised by the Cabinet Office and is implemented throughout central and local government and critical national infrastructure. The system is also used by private sector bodies that provide services to the public sector.

The loss of United Kingdom child benefit data was a data breach incident in October 2007, when two computer discs owned by HM Revenue and Customs containing data relating to child benefit went missing. The incident was announced by the Chancellor of the Exchequer, Alistair Darling, on 20 November 2007. The two discs contained the personal details of all families in the United Kingdom (UK) claiming child benefit, of which takeup in the UK is near 100%.

Test, Trace, Protect is a government-funded service in Wales, first published on 13 May 2020 by the Welsh Government to track and help prevent the spread of COVID-19. Its aim is to "enhance health surveillance in the community, undertake effective and extensive contact tracing, and support people to self-isolate".

The following is a timeline of the COVID-19 pandemic in the United Kingdom from July 2022 to December 2022.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.