St Albans Council alerts banks over laptop data theft
PUBLISHED: 06:50 04 December 2009 | UPDATED: 14:44 06 May 2010
ALERTS have been set up with banks and financial institutions to provide extra security for postal voters whose personal details were on a laptop stolen from St Albans council offices. The district council s chief executive Daniel Goodwin said at a specia
ALERTS have been set up with banks and financial institutions to provide extra security for postal voters whose personal details were on a laptop stolen from St Albans council offices.
The district council's chief executive Daniel Goodwin said at a special cabinet meeting on Tuesday night that the alert connections were expected to be confirmed by police yesterday (Wednesday).
Letters will go out to the nearly 14,500 residents affected by the theft which was discovered on November 5.
Three weeks earlier, the council had discovered that three unused laptops were missing but it was the loss of the fourth which had contained names, addresses, signatures and the dates of birth of the district's postal voters which has caused the greatest concern.
Mr Goodwin told the meeting that letters would be going out to the affected voters in case they did not wish to be included in the list passed on to the banks. He added: "The letter is in draft and we are waiting for final information before it goes out."
Mr Goodwin was grilled for over two hours at the cabinet meeting about the laptop thefts and he admitted that had the council's security policy been followed, it would have prevented it happening.
The postal vote laptop was not encrypted to provide extra security - although Mr Goodwin said that had been in the offing. It had not been given priority because there was no intention for it to leave the council offices.
He explained that the reason the data was on a laptop was because that was what the manufacturers recommended for postal votes as many councils wanted to take the data into elections.
And he stressed that although the head of IT at the council had handed what was probably the missing laptop to an employee of the council's contractors Northgate, there was no suggestion of a link between that person and the theft.
Northgate, the company contracted to run the council's IT system at a cost of £2.5 million over seven years, has suspended current operational arrangements pending investigations.
Mr Goodwin admitted that the security arrangements for hardware and its potential data were not sufficiently robust between the council and Northgate.
And he confirmed at last week's full council meeting that should the company be found to blame for the saga after a full report, they would be suspended. Questioned about the delay between the loss of the laptops and contacting police, he said that at first the council thought that only the three unused laptops had been misplaced.
He went on: "We were not aware that there was something amiss until the person who had been working on the electoral services laptop asked where it was.
"I thought all four had gone missing at the same time but it has since transpired that was not the case."
Local resident Dr Peter Partington, who is a computer expert, said he was concerned that the council was misleading the public over encryption. He maintained the council did not have a formal plan for encryption and added: "There is a discrepancy between trying to reassure people and what is going on in practice. We are making such a meal of this and losing the confidence of the public. There wasn't a particular plan at all."
Mr Goodwin insisted there was now a clear plan in place.
l A 35-year-old man from Stevenage has been arrested in connection with the laptop thefts and has been released on police bail until next year.
If you value what this story gives you, please consider supporting the Herts Advertiser. Click the link in the orange box above for details.