Ministry of Defence: Data Protection

(asked on 26th April 2023) - View Source

Question to the Ministry of Defence:

To ask the Secretary of State for Defence, pursuant to the Answer of 24 April 2023 to Question 181353 on Ministry of Defence: Data Protection, what the nature was of each of the 142 personal data incidents in 2023; and how many people were affected by each incident.


Answered by
Andrew Murrison Portrait
Andrew Murrison
Parliamentary Under-Secretary (Ministry of Defence)
This question was answered on 2nd May 2023

The following numbers and types of personal data incidents have been reported in 2023 in the Ministry of Defence (MOD) as at 31 March:

Category

Nature of Personal Data Incident

Number of Incidents

I

Loss of inadequately protected electronic equipment, devices or paper documents from secured Government premises.

4

II

Loss of inadequately protected electronic equipment, devices or paper documents from outside secured Government premises.

5

III

Insecure disposal of inadequately protected paper documents.

1

IV

Unauthorised disclosure.

122

V

10

Total

142

The number of people affected by the disclosures cannot be provided at this time, as the vast majority of incidents are still under investigation and so it cannot be confirmed yet whether a compromise has actually occurred in all of the 142 cases that have been reported so far in 2023.

The category entitled ‘Unauthorised Disclosure’ includes incidents such as emails being sent to the wrong recipient, or failure to use the bcc function thereby exposing email addresses. The vast majority of these unauthorised disclosures were internal to MOD and involved data that was not above the OFFICIAL-SENSITIVE classification.


Reticulating Splines