Military personnel data disappears into the wild blue yonder

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

RAF aircraft book

A theft at a Royal Air Force base has left British authorities, already red-faced after a series of high-profile data breaches (click on each word), with another sticky situation.

This weekend it was revealed that three USB portable drives, containing the details of serving and former military personnel, have been stolen from the Service Personnel and Veterans Agency’s offices at RAF Innsworth in Gloucestershire.

The agency provides support services to some 900,000 people, either currently serving within the Ministry of Defence or retired, but it is unclear how many servicemen and women have been put at risk by this security breach.

Sign up to our free newsletter.
Security news, advice, and tips.

According to an MOD spokesperson, “Two of the drives are believed to have contained potentially sensitive personal data relating to personnel who served in the Royal Air Force in recent years; the third hard drive did not contain any personal data. An investigation is being conducted by the MOD Police, with the support of Gloucestershire Police, and it would be inappropriate to give further details of the circumstances of the incident at this stage.”

Notice what is missing? Yep, there is no mention of whether the data on the drives was encrypted or not. In my view it would have been extremely appropriate to mention that in the MOD statement, as if proper encryption had been used then at least services staff would have some comfort that it would be very difficult for crooks to get up to shenanigans with the data.

* Image source: Bowbrick’s Flickr photostream (Creative Commons 2.0)


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.