SENSITIVE data for a further 1,000 people was stored on a laptop thought to have been stolen from St Albans District Council, it has been revealed.
A review of data stored on the council's missing electoral services computer revealed a file containing the confidential details of an additional 1,000 people, kept to verify postal votes in 2007 and 2008.
The district council's chief executive Daniel Goodwin revealed the problem to a meeting of the audit committee last night, insisting the loss of further data had only come to light in the last three days.
Speaking after the meeting, St Albans Labour parliamentary candidate councillor Roma Mills said: "It gets worse and worse. We don't know how many of those 1,000 people will be affected. They need to be told as soon as possible."
Leader of St Albans Tory group Julian Daly added: "The more the stones are lifted on this the worse it gets. The sooner they get to the bottom of this and tell those people the better."
An investigation continues into the loss of four laptops, one containing 14,673 names, addresses and signatures of postal voters, thought to have been stolen from the council offices last month.
The committee, which met at the district council offices last night to debate the alleged theft, identified serious flaws in the council's data management procedures and its control of confidential information.
Asked why the names, addresses and signatures of postal voters had not been wiped from the database immediately after an election, Mr Goodwin said staff had no knowledge the details remained on the machine and admitted to remove them would be beyond them.
"There's no clear instruction to manage that data," he told the committee. "It's a big issue for us."
Chairman of the Committee Daniel Chichester-Miles said: "There are serious break downs here. There is a lack of clarity amongst the staff at precisely how the systems work and what their expectation was. The feeling amongst the committee is one of complete dis-satisfaction in what we are hearing and disbelief."
The council has signed up with the Credit Industry Fraud Avoidance System (CIFAS) - costing taxpayers around £45,000 - to provide protection to those residents at risk of identity theft as a result of the lost laptop.
But councillor Mills said the introduction of fraud protection for affected residents had taken far too long to put in place. "The whole thing has taken far too long. We should have been much quicker in offering protection," she said. Asked why cover was not offered to residents immediately after the thefts emerged, Mr Goodwin said the council was relying on the Serious Organised Crime Agency to offer similar protection, until it pulled out last month.
The council has promised to reimburse residents who have taken out independent cover.
Councillor Mills added: "The response has been slow and the more we ask questions the more we discover, which is alarming."
An action plan to improve security in the council's IT department has been drawn up with the encryption plan for all computer equipment brought forward.
Head of IT services Mutairu Jibril insisted all council-owned machines were being secured and said a thorough review of the department's policies and procedures was underway.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel