Police send Reg hack CRB check database

[Jon Turner <jjturner () gmail com>]

http://www.theregister.co.uk/2010/04/16/gwent_police_data/
Police send Reg hack CRB check database

Massive security breach prompts investigation

*Exclusive* Police face accusations of incompetence after accidentally
emailing a file detailing the results of thousands of criminal records
checks to a Register journalist.

The author of the email at Gwent Police is now facing a gross misconduct
investigation and potential sacking over the incident, which came to light
this week.
<http://ad.uk.doubleclick.net/jump/reg.public_sector.4159/policing;tile=2;pos=top;dcove=d;sz=336x280;ord=S8ircMCoZGUAAGf7iikAAADJ?>

The file — a Microsoft Excel spreadsheet which was not encrypted or password
protected — contained the full names and dates of birth of 10,006 people in
jobs or applying for jobs where a Criminal Records Bureau (CRB) disclosure
is required.

It detailed the results of the checks going back to 2001 and so identified
863 people as having been in trouble with police. In many cases it recorded
their occupations, including dozens of taxi drivers, school and hospital
workers.

Personal details and whether a CRB disclosure was made on foster carers, IT
technicians and pest controllers was also included in the spreadsheet.

The Register has now deleted the file in cooperation with Gwent Police’s
professional standards officers, who travelled to our London offices two
days after being contacted.

_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php