Alarm over staff details after 16th laptop is stolen from key officials
Saturday August 02 2008
THE personal details of hundreds of Government staff were on a laptop stolen from an official at the Office of the Comptroller and Auditor General (OCAG).
The missing laptop -- taken at a bus stop last month -- is the 16th to be stolen from an OCAG official since 1999.
The theft has sparked major security fears, with an expert warning last night that details contained on the computer could be relatively easily accessed by a hacker.
The names of hundreds of employees at the Department of Enterprise, Trade and Employment, their weekly pay, and their Personal Public Service (PPS) numbers were among the personal information contained on the laptop.
Details
Other information on the computer included details of grants given to Industrial Development Agency companies around the country last year.
The theft is being investigated by the Data Protection Commissioner, whose office said it was "very concerned" about the development. Although information contained in a specific file on the laptop was encrypted, sources familiar with the investigation said other information on the computer was not. The only protection for this information was a log-on password.
Last night OCAG -- which is responsible for auditing the accounts of public bodies and examining how they administer their funding -- released a statement saying an auditing file on the laptop, known as Teammate, was encrypted.
However, OCAG did not clarify whether the sensitive information on the stolen computer was in the encrypted file and refused to comment further.
Colm Murphy, technical director with information security consultants Espion, said the OCAG statement did not allay fears for the safety of the data.
"If information on the laptop is just protected by a password, a knowledgeable hacker could easily circumvent that password protection," Mr Murphy told the Irish Independent.
Vulnerable
"There are indications that some of the data may have been held in an encrypted file structure known as Teammate. However, information outside that file structure would be exposed and vulnerable should someone circumvent the password."
The loss of the laptop is the latest in a series of high-profile data security blunders involving State bodies and banks.
Last night OCAG said it "very much regrets" the loss of the 16 laptops, only one of which has since been recovered.
The Department of Enterprise confirmed that all staff had been informed of the missing laptop. A spokeswoman said no bank account details or home addresses of employees were on the laptop.
- Shane Phelan Investigative Correspondent
