We aim to make this site as accessible as possible and therefore have provided the settings below to use if you are finding it difficult to view this website. See the SFO Accessibility Statement for more information.

Where it is appropriate to provide a Welsh translation, you can switch to Cymraeg. See the Welsh Language Commissioner website for more information.

Use the settings button in the bottom right corner of the page to access these settings again.

Change to normal text size A Change to medium text size A Change to large text size A Adjust Text Size

We would like to use Analytics Cookies on our website. 

Turn these on below if you are happy with us collecting information on how our site is used, in order for us to improve the overall experience of our website. 

All other cookies are necessary and therefore by continuing to browse this website, you are agreeing to the usage of these cookies.

 See the SFO Privacy Policy for more information. 

Analytics Cookies

Data loss incident

8 August, 2013 | Statements

A Serious Fraud Office spokesperson said:

“The SFO is dealing with an incident of accidental data loss.  The data concerned was obtained by the SFO in the course of its closed investigation into BAE Systems.

“The SFO has a duty to return material to those who supplied it, upon request, after the close of an investigation.  In this instance the party requesting the return was sent additional material which had in fact been obtained from other sources.

“The data constituted 3 per cent of the total data in the case.  It consists of 32,000 document pages, 81 audio tapes and electronic media. Of this, 98 per cent of the material has been recovered and efforts continue to recover all the remaining material that has not already been destroyed by the recipient.  No material relating to national security was included in the data.

“Any loss of data is a serious matter and the SFO has taken action to ensure no further material can be wrongly sent out. “At the request of the Director of the SFO, the former Director of Security at the Palace of Westminster, Peter Mason CBE, has conducted an initial review of the incident and made some recommendations. These are:

  • Continuing ownership of the data in a concluded case by designated operational staff
  • Re-drafting of the responsibilities of the SFO’s Senior Information Risk Owner
  • Raising the profile of data handling as a key risk in the SFO’s business

“These recommendations are all being implemented.

“More generally, the Director of the SFO has instigated an independent wide-ranging review of all the organisation’s business processes by Alan Woods, a former senior civil servant.”

Background

The Serious Fraud Office identified in May the data loss which took place between May and October 2012. No material related to matters of national security was included in the data loss and the conviction in this case is unaffected by the loss.

Action was then taken in June to establish the extent of the loss, put in place a recovery strategy and to notify affected parties.

We have contacted the 59 sources of the data to inform them of the situation and are working to contact any others who may have been affected.

The Information Commissioner’s Office was notified and the Director of the SFO appointed Peter Mason CBE in July this year to carry out an independent review.

He has concluded that the incident was accidental, and he has made recommendations which have all been accepted by the SFO and are now being implemented. Mr Mason has agreed to make a fuller assessment of the incident and aims to interview former members of staff. He will return to the SFO in the early part of next year to see how his recommendations have been implemented.