UK COMPUTERS STOLEN Personal details of up to 3,500 people were on stolen Blackburn council computers (From This Is Lancashire):

Personal details of up to 3,500 people were on stolen Blackburn council computers

5:50pm Saturday 26th September 2009

THE PERSONAL data of as many as 3,500 people was lost when 15 council computers were stolen, an official report has revealed.

The laptops, used by social workers, were stolen from Jubilee House in Blackburn in June.

Now the Information Commissioner will now carry out his own investigation as the theft meant the council breached the Data Protection Act by failing to look after people’s personal information.

An internal review into the episode by Blackburn with Darwen council has found: -Anyone with “good IT technical skills” could have accessed the data, which included files on vulnerable people known to the adult social care team.

-The building was properly locked and alarmed, but the locks should have been stronger.

-The computers had not been locked away and were in plain view on people’s desks.

-100 letters warning people of the data loss were accidentally sent to children, rather than their parents.

After the break-in, on the evening of June 11, staff began the three-week task of trawling through their email accounts to try and find out what information had been downloaded onto the laptops.

Once this had been done, it was still not possible to draw a comprehensive list of the people affected, the report, carried out by regeneration boss Adam Scott, said.

The laptops have still not been traced and were probably stolen for their resale value, rather than the personal data, bosses believe.

The report praised the council’s PR team and hit out at “scaremongering” stories about the possibility of paedophiles’ details being on the laptops - although this has not been ruled out.

It said: “The building was locked and secured, but the locks were not the strongest, the alarms were not able to warn any occupants of an intrusion, and the security company responded slowly.

“Policies were in place for IT security and protection of personal data, but were not communicated adequately to staff and systems of management control were not used fully.”