MoD inquiry after laptop stolen from headquarters

Had a quick search and didn't see this, so apologies if already covered.

MoD inquiry after laptop stolen from headquarters

An investigation is under way after a laptop containing secret data was stolen from the Ministry of Defence.

It was taken from the ministry's headquarters in Whitehall, central London in late November, along with a key used to decode encrypted files...
My bold, this is a little bit more serious than any of the others I've heard of! Will these fcukers ever learn? I admit mistakes are made by everyone, but this is getting rediculous.
Was'nt it mentioned on the QT debate the other night that the MOD has just been refurbished?
(apologise for going briefly off topic)

So a good opportunity for things to go walkies while work was being carried out I suppose.
If by just refurbhished you mean "5 years ago" then yes!
My main point was about the 'key' also being stolen, so now the data is easily accessable (sp?).


Book Reviewer
meridian said:
But are we still paying for it Jim?
It's PFI, and a particularly bad example at that, so yes, we'll be paying over theodds for many many years. The Coffee isn't bad though.
I suspect for key read fob, the average Journo/sun reader would not know the difference and key makes it sound a bit more horrifying. Makes life easier if they have the capability to crack the P/Word but not to the average opportunist tea-leaf. The fob should not have been with the machine admittidly, but thats another story.
The key is something that someone would be looking for a severe reaming if it was held with the machine.
All dii(f) laptops hard drives are encrypted and require a USB 'token' and a password to read the information stored upon them. The token and the laptop are not meant to be stored together (most people attach theirs to their ID card lanyard 'thingy'). If the laptop is being left in your office then it is meant to be secured (although define 'secured' - mine gets locked in my desk drawer). But at then end of the day this needs to put into perspective...if a computer is being stolen from a secure MOD site then I would suggest that data protection issues are the least of our problems!
Clearly someone has forgotten what they should have learnt from the recent, mandatory, Protecting Information Course. :wink:
Or is more usually case thinks it does not apply to them or will never happen to them. I just love those cases when its everybodys fault except theirs :roll:

Editted a second time to delete a notification of opportunity to those who may be inclined to give it a go. :oops:
Before DERA became QinetiQ, it wasn't uncommon for projects to fund "updated" laptops, charged to the DERA task. When the task was complete, there was no real mechanism in MoD for recovering and retaining these laptops, so DERA just stuffed them in a corner.

When QQ was formed, the laptops largely disappeared from the official records or were offloaded to anyone who fancied an old device (but with perfectly good hard drives full of data). I know a consultant who was given one and still has it, 5 years after his contract expired. He keeps offering it back to QQ but as far a they're concerned it either doesn't exist or is MoD property and nothing to do with them.

The above isn't "theft", it is a failure to manage assets. I think most "thefts" probably fall into this category.
scots_wahey said:
But at then end of the day this needs to put into perspective...if a computer is being stolen from a secure MOD site then I would suggest that data protection issues are the least of our problems!

We're talking about this being nicked from INSIDE Main Building. By the same token (pardon the pun) someone could have nicked an entire file full of PM info. The fact that it was a laptop isn't really relevant other than from a scaremongering perspective.
Why is it that when you have crypto in a white bag you treat it like the holy grail, do checks all day, take it to bed / bog / **** / scoff etc despite the fact that it's a right pain in the ass... but when you have a secure key in a laptop you can just leave it on your desk while you go to the coffee machine, return via the canteen to get a mars bar... oh and attempt to chat up the secretary?

Tomorrow mornings going to be fun… :x
Just to reiterate the point made by bakersfield. This is very much the case with a number of central government units and the outsourcing / third party involvement. As stated, the data "loss" is a secondary concern.
I feel a 'I want a 100% check of all MOD laptops before anyone goes on leave' signal in the Commcen later....