The Home Office has recorded a 120% surge in data loss incidents over the two most recent financial years, with 1,895 individual incidents in 2018-19, rising to 4,204 incidents in the most recent financial year.
The data was compiled by cybersecurity think tank Parliament Street and extrapolated from the Home Office’s Annual Report and Accounts 2019-20.
Data revealed that the most common incident was the loss of inadequately protected electronic equipment, devices, or paper documents from outside secured government premises.
Incidents of this nature increased by 242% between 2019 and 2020, with a total recorded number of 2,404 compared to just 702 the year before.
A further 946 incidents of lost electronic equipment or documents from secured government premises was also recorded in 2019-20, up from 145 in 2018/19 – a 552% increase.
Of the 4,204 recorded incidents in 2019-2020, 25 were flagged as being severe and fell within the criteria for notifying the Information Commissioner’s Office. This figure is down from the 35 severe incidents recorded from the year before.
The most common reason for these severe incidents is due to ‘unauthorised disclosure’ – 11 of 25 incidents in 2019-20 were due to this reason, as well as 26 out of 35 from the year prior.
Andy Harcup, VP Sales at Absolute Software, commented: “It’s vital that key government departments like The Home Office take data security seriously.
“These figures indicate a myriad of losses of critical devices and data, some of which was so serious they had to be reported to the regulator.
“It is not uncommon for a missing file or laptop to fall into the wrong hands, giving hackers and cybercriminals access to critical public data.
“Key to tackling this problem is the implementation of sophisticated and robust end-point security, providing IT professionals within the department with full visibility and control over their device: meaning they can freeze or access a laptop, file or device, even if it lands in the wrong hands.”
It was revealed in February that data breaches of this nature were most likely to be caused by human error.
According to data analysis firm CybSafe, nine out of 10 of the 2,376 data breaches reported to the organisation in 2018 were due to mistakes made by end-users.
Compiled data showed an increase from the previous two years, when 61% and 87% of cyber breaches respectively were put down to user mistakes.
Last year, The Home Office had important documents relating the Brexit department’s plan to track migrants using border technology and digital IDs post-Brexit leaked in a major data breach.
The documents were from a leaked 16-slide Home Office presentation and revealed information about new migrants visiting the UK once it leaves the EU being given digital identities and having their visa filtered by “automated checks”.