Serious Fraud Office admits to massive data breach
Confidential computer files, audio tapes and documents accidentally sent to third party.
The Serious Fraud Office (SFO) has admitted to sending a large tranche of confidential information to the wrong person.
The breach, involving 32,000 pages of documents, 81 audio files and a number of computer files relating to an investigation into British defence, security and aerospace firm BAE Systems, went undetected for a year.
The SFO said the accident occurred after the close of the investigation, when it was sending back materials to an individual or organisation that had supplied information and requested its return.
The recipient received the information they had sent, as well as additional items from other sources, which constituted 3 per cent of the total amount of data submitted in relation to the case.
The SFO said that 98 per cent of the material that had been sent in error has been recovered and that it is continuing to try and recover the remaining information that has not already been destroyed by the recipient.
The accidental recipient has not been named.
"Any loss of data is a serious matter and the SFO has taken action to ensure no further material can be wrongly sent out," an SFO spokesperson said.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"At the request of the Director of the SFO, the former Director of Security at the Palace of Westminster, Peter Mason CBE, has conducted an initial review of the incident and made some recommendations.
"More generally, the Director of the SFO has instigated an independent wide-ranging review of all the organisation's business processes by Alan Woods, a former senior civil servant," the spokesperson added.
A spokesperson for the Information Commissioner's Office (ICO) said: "We have been made aware of a possible data breach involving the Serious Fraud Office.
"We will be making enquiries into the circumstances of the alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken."
Jane McCallion is ITPro's Managing Editor, specializing in data centers and enterprise IT infrastructure. Before becoming Managing Editor, she held the role of Deputy Editor and, prior to that, Features Editor, managing a pool of freelance and internal writers, while continuing to specialize in enterprise IT infrastructure, and business strategy.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.