The Home Office has recorded a 120 per cent surge in data loss incidents over the two most recent financial years, with 1,895 individual incidents in 2018-19, rising to 4,204 incidents in the most recent financial year, 2019-20.
The data, which was extrapolated from the Home Office’s Annual Report and Accounts 2019-20 and compiled by a cybersecurity Parliament Street think tank, also included a comprehensive breakdown of the figures. The Parliament Street think tank is one of the UK’s leading research organisations, conducting analysis of major polices as well and producing papers on technology, fintech and economic trends
It revealed that the most common incident was loss of inadequately protected electronic equipment, devices or paper documents from outside secured government premises. 2,404 incidents of this nature were recorded in 2019-20 compared to just 702 the year before – a 242 per cent increase.
A further 946 incidents of lost electronic equipment or documents from secured government premises was also recorded in 2019-20, up from 145 in 2018/19 – a 552 per cent increase.
Of the 4,204 total incidents in 2019-2020, 25 were flagged as being particularly severe, and fell within the criteria for notifying the Information Commissioner’s Office. This figure is down from the 35 severe incidents recorded from the year before.
The most common reason for these severe incidents is due to ‘unauthorised disclosure’ – 11 of 25 incidents in 2019-20 were due to this reason, as well as 26 out of 35 from the year prior.
Andy Harcup, VP Sales, Absolute Software comments: “It’s vital that key government departments like The Home Office take data security seriously. These figures indicate a myriad of losses of critical devices and data, some of which was so serious it had to reported to the regulator.
“It’s not uncommon for a missing file or laptop to fall into the wrong hands, giving hackers and cyber criminals access to critical public data. The key to tackling this problem is the implementation of sophisticated and robust end-point security, providing IT professionals within the department with full visibility and control over their device: meaning they can freeze or access a laptop, file or device, even if it lands in the wrong hands.”