Server with Top-Secret Data Stolen

An anonymous reader writes "Usually missing information stories are fairly low key; the loss of a few thousand student records is cause for concern for those involved, but hardly national security. This one is slightly different. The company Forensic Telecommunications Services has announced that a server containing 'thousands of top-secret mobile phone records and evidence from undercover terrorism and organized crime investigations' has been stolen. From the article: 'The company — whose clients include Scotland Yard and the Crown Prosecution Service — has assured the public that the server is security protected, and the breach will not compromise ongoing police operations. The information is made up of either old cases that have passed through the judicial process, or cases that are already in the judicial system and so subject to full disclosure to both defense and prosecution teams.'"

Top secret public records?

[mmarlett]

Which is it: Top secret phone records or information that has already been released in court cases? It doesn't seem like the two are the same.

Re:Top secret public records?

[yog]

I don't get it. What happened to locks, keys, and trusted employees? It seems like companies and government organizations are constantly leaving sensitive materials in cars or in unsecured locations where they can be stolen by opportunistic thieves. After thousands of years of civilization, and with all the fancy technology at our disposal today, have we learned nothing about how to keep important materials out of mischievous hands?

A server with sensitive information should not be on the public internet, and it should not be on the premises of a subcontractor! It should be safe behind locked doors with access only by a select few, and protected by strong encryption too. I just don't get it; it's kind of depressing.

I could sure trust them

[faloi]

Except that their physical security is apparently so poor that I can't imagine their data security is much better.

"All the data is protected, as long as the thieves don't look at the password sticker hidden inside the case."

Wrong Terminology

[stewbacca]

"Top Secret" is a term reserved for government classification schemes (in the US) and is clearly outlined by US laws. Using "Top Secret" for a business is just sensationalism. This business lost sensitive data, not "Top Secret" data.

Re:Wrong Terminology

[stewbacca]

True, all of what you said (except contractors are not the majority of classified handlers, especially in compartmentalized intel). I was a contractor and I handled classified all day long. My point is that companies are TOLD by government classification guidelines what is "Top Secret" and don't just make up their own classifications because they work with government classified data. Even if contractors CREATE the data, the company doesn't classify the content they created, the government does. I've said too much. The blacksuits are here. Nice knowing you all!

Private company?????

Shouldn't someone explain wtf does top secret policial information in the hands of a corporation? Such information should be gathered, kept and custodied by police.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Laptops, always, desktops, yes, servers - ?

[caluml]

Well, I always use encrypted partitions for equipment that could be stolen - laptops, or my home PC - but I wouldn't consider it for servers.
This makes you think though.

Deliberate theft?

[orangesunglasses]

It is probably understandable how laptops and PC's get stolen, as maybe an opportunistic theft, but how the fuck can someone just wander off with a server? This presents two reasons why it was stolen
1. It was stolen for the hardware, so have a look on ebay soon
2. It was stolen for the data that the machine contained, which is probably more concerning.