Stop smoking, start losing your identity

Filed Under: Data loss

I got a call this morning from BBC Radio Lincolnshire, asking me to go on their news programme. Tim, the researcher who rang me, told me that memory sticks containing the confidential details of 26,000 patients had been lost in the county.

That in itself wasn't news, as the USB drives were first reported missing back in the summer, but it has only now been revealed that the devices contained the names, addresses, phone numbers, and NHS referral details of 26,000 people who had participated in NHS Lincolnshire's Smoking Cessation scheme.

A spokesperson for the NHS told the BBC that most of the information could be found from public sources such as the electoral roll and the telephone directory.

Well, excuse me, but my phone book doesn't list everyone's NHS number.

Yes, a lot of information can be gleaned regarding individuals if you manage to access the electoral roll or birth registry, but having it available in electronic format on a memory stick certainly makes things much more convenient for an identity thief.

We can hope that the lost sticks might be lost somewhere in a washing machine or down the back of an armchair, but there is always the risk that they might fall into the hands of the unscrupulous. As we described in our recent Security Threat Report 2009, the incidents of data loss - whether it be accidental or otherwise - are on the rise, and all organisations should put proper controls in place to minimise the impact.

* Image source: bachmont's Flickr photostream (Creative Commons 2.0)

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and, and circle him on Google Plus for regular updates.