Consulting firm sacked over data loss

LONDON (Reuters) - The government has sacked a consulting firm which lost the details of every prisoner in England and Wales in the latest Whitehall data security breach.

Clerks leave the headquarters of Britain's Home Office in central London March 29, 2007. REUTERS/Alessia Pierdomenico

Home Secretary Jacqui Smith said it had ended the contract with London-based PA Consulting after an employee lost the data on an unencrypted computer memory stick.

“This was a clear breach of the robust terms of the contract covering security and data handling,” Smith said in a statement to parliament. “We are reviewing our other contracts with PA, specifically from a data-handling and security perspective.”

The missing memory stick contains the names and date of birth of every prison inmate. It also has the names, addresses and birthdate of 33,000 people with six or more convictions.

The data loss poses only a low risk to public safety and to those involved, Smith added.

An initial Home Office report said the data was emailed via a secure link to PA Consulting and then downloaded onto the stick, which was reported missing on August 18.

Investigators think it could have been stolen by an opportunistic thief in the PA Consulting offices.

“It is likely that its value and the fact that it could be easily concealed made it attractive to a potential thief,” the report says.

Opposition parties and privacy campaigners say the government cannot be trusted with data and should abandon plans to set up a national identity card system which would need a large computer database.

Last year, Prime Minister Gordon Brown ordered a review after HM Revenue and Customs lost data on 25 million people, exposing them to the risk of identity theft and fraud.

Reporting by Peter Griffiths; editing by Steve Addison