The Information Commissioners Office (ICO) has released details of a data breach involving the Identity and Passport Service (IPS). In May 2010 the personal details of 21 applicants, along with their counter signatories, went missing, contravening the Data Protection Act.
Despite processing more than 25 million applications in the last five years, a spokesman for the IPS said they had already carried out a full internal review of security and had cancelled the application information as soon as it learnt of the breach. It was hoped this hadn’t led to any further risk to the applicants or subjected them to identity fraud.
The Chief Executive of the IPS has signed an undertaking to implement a number of measures to prevent this type of breach happening again. It states all those affected by the breach were informed, offered new passports and no complaints were received to the IPS.
Mick Gorrel from the ICO says “A passport is an important identification document and it is clearly of concern that information relating to renewal applications has been lost. However, there is no evidence to suggest that the applications have fallen into the wrong hands and we are pleased that the Identity and Passport Service is taking steps to stop this happening again.”