Stolen Eden Project laptop sparks ID theft concerns

Fears of identity theft have been sparked by the disappearance of a laptop containing the personal and financial details of over 500 employees at the Eden Project.

The laptop was looked after by an employee of Moorepay, a company the Cornish tourist attraction uses to handle its payroll. The theft was reported on 1 June but details of the theft only became public this week.

Data lost from the theft included employee names and address as well as bank details, National Insurance numbers, and salary details of around 500 staff working at the UK’s second most popular tourist destination.

Eden Project creator Tim Smit told the BBC that the company was ‘appalled’ at the lapse of security and were ‘making sure that personal data is never put in such a vulnerable position again.’

Security experts said that firms rely too much on third parties to secure confidential data.

‘Enterprises need to be more cautious regarding third-party companies that they share sensitive information such as payroll details with,’ said Jamie Cowper, European Marketing Director at data encryption company PGP. ‘Without a thorough assessment of the threat status of companies such as Moorepay, existing security policies can easily be rendered useless.’

Other experts said that the loss demonstrated the risk associated with protecting sensitive data in any organisation.

‘This incident highlights the need for all companies handling important data to have effective IT security policies and rigorous compliance procedures in place,’ said Geoff Sweeney, chief technical officer of IT security company Tier-3. ‘The aggregation and storage of information assets is increasingly making them targets for criminals seeking to profit from the theft of identity details intellectual property or other sensitive information.’

He said that all organisations need to be aware of these risks and deploy appropriate security processes and systems to protect against the misappropriation of this sort of information.