The loss of a laptop containing BSkyB pension plan details also affected the personal details of Network Rail and British Transport Police employees, accountancy firm Deloitte has admitted.
A laptop containing the names, pension plans, National Insurance numbers and salary details of more than 100,000 Network Rail staff, British Transport Police and BSkyB employees was stolen from a Deloitte staffer last month. Deloitte would not say if staff at other businesses were affected.
The theft occurred when a Deloitte employee took the laptop to a public place, but the company declined to comment on how the theft took place other than to suggest the employee was distracted when the machine was stolen.
“Deloitte has information security policies which include guidelines for employees to ensure they pay close attention to their laptops when in public places," it said in a statement. "Nevertheless, and very unfortunately, this theft still occurred.”
The data was encrypted and password protected.
But a major rail union has called for an urgent inquiry and full disclosure of what information was missing.
"We are extremely concerned that this personal information affecting well over 100,000 people has gone missing," said Gerry Doherty, general secretary at the Transport Salaried Staff Association, which represents railway and British Transport Police staff. "All we have received are bland assurances that everything is going to be all right." There needed to be a full disclosure of what information was missing, and how security will be improved, he said.
Network Rail said it had informed its staff of the theft, and had begun an investigation. The British Transport Police did not respond to a request for comment at the time of writing.
BSkyB said it was “working urgently with Deloitte to review their processes to ensure that this does not happen again”.
Deloitte said everyone whose data was affected was immediately contacted, and that the police were notified of the incident. “We believe that the likelihood of unauthorised access to the data held on this laptop is remote due to the opportunistic nature of the theft and the security controls,” it said.