The UK’s Cabinet Office has reported almost 800 lost or stolen electronic devices in the past three years, official figures have revealed.
The data, obtained following a Freedom of Information (FoI) request and analyzed by litigation firm Griffin Law, has raised concerns about sensitive government data falling into the hands of nefarious actors, potentially even hostile nation-states.
Over the three-year period FY 19/20 to 21/22, the Cabinet Office, the governmental body responsible for supporting the Prime Minister and Cabinet, reported 791 electronic devices lost or stolen. More than three-fifths (61%) of these were mobile phones, followed by laptops (28%) and Mifi’s (5%). A further 55 ‘other’ devices were also reported missing.
The financial year 2019/20 saw the most devices lost or stolen (435), likely linked to Cabinet Office employees transitioning to home working amid the breakout of the COVID-19 pandemic in March 2020.
Donal Blaney, founder of Griffin Law, argued that tougher penalties should be put in place for public sector employees who lose devices containing sensitive information: “If people entrusted with official secrets as public servants – all too many still working from home – cannot look after our confidential data properly, what confidence can we have in the way we are governed? They should be prosecuted: otherwise, it will once again be one rule for them and one rule for the rest of us,” he outlined.
Commenting on the story, Achi Lewis, area VP EMEA for Absolute Software, said: “It is a tricky task for large organizations, including the Cabinet Office, to manage a vast workforce of staff and devices, especially through unprecedented circumstances like the pandemic. These organizations represent an example for many businesses and, as such, need to ensure they have the proper cybersecurity solutions and protocols to prevent and manage the loss of devices.
“Leveraging resilient zero trust solutions and secure access controls can help to give organizations control of misplaced or stolen devices, allowing them to externally freeze or shut down endpoints such as a laptop or phone and prevent a malicious actor from accessing company data. This should also come alongside training into the dangers of misplacing devices and the importance of ensuring they are properly protected.”
Last year, official data showed that the Department for Business, Energy and Industrial Strategy had 234 mobiles and 72 laptops lost or stolen during the calendar years of 2019 and 2020. In addition, almost 100 laptops, tablet computers and other electronic gadgets were reported missing by Parliamentary staffers in the calendar years 2019 and 2020.