The Sellafield nuclear site has suffered an embarrassing data loss incident after secret details about its operation were left on an unencrypted USB storage device which was found in a hotel room in Cumbria.
While this loss could have been catastrophic had the data found its way into the wrong hands, the Sellafield bosses can at least take some comfort in the fact that a member of the public handed in the USB drive to the authorities.
Amongst the information stored on the USB drive were details of how employees are going to be transferred from Cheshire to sites across Europe as part of a deal with Urenco.one, a firm specialising in uranium.
Security expert Sean Glynn, said that this significant data loss could be seen as an indication to the UK’s foes, that it is relatively easy to steal highly sensitive information from within organisations like Sellafield.
Mr Glynn said that it did not take much intellectual power to work out that while USB storage devices are incredibly useful across many forms of business, without proper data protection they are at great risk of becoming compromised.
Encrypting USB storage is the best solution, as this makes it difficult for third parties to access the stored data, even if it is lost by an employee or stolen, according to Mr Glynn. He pointed out that the UK is currently seeking to invest millions in fighting cyber crime and terrorism under a sustained threat from foreign forces, which should give firms the incentive to better safeguard data which is of importance to national security.
The USB device was found by a coach driver who was staying in the Cumbrian hotel, unaware at the time that he was handling data which could be extremely valuable to international criminal groups. On discovering the significance of his find, the driver is said to have remarked that the potential for misuse of its contents was staggering.
An investigation into how the USB drive was left in a hotel room has been launched by Sellafield and further action is likely to occur as a result.