Whitehall suffers a data breach every HOUR: Damning report reveals personal information is regularly being breached

  • Astonishing 8,995 data breaches in the 17 largest Whitehall departments in 2015
  • Report found insufficient measures in place to stop sensitive data being lost
  • Concern is growing over whether other public bodies are vulnerable to the kind of cyber attack that crippled the NHS on Friday 

Defence Secretary Sir Michael Fallon, pictured yesterday before appearing on the Andrew Marr Show, was forced to dismiss claims that Britain’s four nuclear missile submarines were vulnerable because they used an old computer programme

Defence Secretary Sir Michael Fallon, pictured yesterday before appearing on the Andrew Marr Show, was forced to dismiss claims that Britain’s four nuclear missile submarines were vulnerable because they used an old computer programme

Personal information held by Government departments is being breached at least once an hour, a little-noticed study recently revealed.

The damning report – by the Commons’ Public Accounts Committee (PAC) – found insufficient measures were in place to stop sensitive data being lost, wrongly shared or hacked, potentially leading to ‘significant harm’.

There were an astonishing 8,995 data breaches in the 17 largest Whitehall departments in 2015 – a staggering 24 a day, according to the report.

Some 98 per cent were at HM Revenue and Customs and the Ministry of Justice (MoJ).

Concern is growing over whether other public bodies are vulnerable to the kind of cyber attack that crippled the NHS on Friday.

Scotland Yard has 10,000 computers using the outdated Windows XP system, which cyber criminals exploited, leaving thousands with cancelled operations or appointments.

Defence Secretary Sir Michael Fallon was forced to dismiss claims yesterday that Britain’s four nuclear missile submarines were vulnerable because they used a system based on the old computer programme.

He ruled out concerns over the threat to the operating systems used by the Trident nuclear deterrent.

In February Chancellor Philip Hammond warned that significant cyber attacks were increasing in frequency, with 188 foiled in just three months.

The recent PAC report said poor reporting of low level breaches, such as emails containing personal details being sent to the wrong person, reduces confidence in the ability of ministers ‘to protect the nation from higher threat cyber attacks’.

In some cases, a single breach would involve the disappearance, theft or inappropriate sharing of the personal information of thousands.

Scotland Yard, pictured, has 10,000 computers using the outdated Windows XP system, which cyber criminals exploited on Friday

Scotland Yard, pictured, has 10,000 computers using the outdated Windows XP system, which cyber criminals exploited on Friday

In January 2015 MoJ officials lost two CDs with sensitive details on high-profile inquiries into police involvement in three controversial deaths.

The threat of cyber attack has been one of the UK’s top four risks to national security since 2010.

Yesterday it was claimed that of the Metropolitan Police’s 27,000 computers, 17,000 have been upgraded to Windows 8.1 – meaning 10,000 are using the old system.

Scotland Yard chiefs have warned staff against opening suspicious emails that might contain the virus demanding a ransom payment to unlock computer systems.

Concern is growing over whether other public bodies are vulnerable to the kind of 'ransomware' cyber attack that crippled the NHS on Friday.

Concern is growing over whether other public bodies are vulnerable to the kind of 'ransomware' cyber attack that crippled the NHS on Friday.

The Metropolitan Police insisted their systems have ‘a number of layers of industry-leading security, which we have been monitoring closely over the past 24 hours’.

Amid concerns that the Trident nuclear deterrent was vulnerable to a ransomware attack, Sir Michael told the BBC’s Andrew Marr Show: ‘We never comment on the different systems, obviously for reasons of security, that our submarines use.

‘But our Vanguard submarines I can absolutely assure you are safe and operate in isolation when they are out on patrol and I have complete confidence in our nuclear deterrent.’

Officials last night admitted NHS hospitals had been sent a ‘patch’ two weeks ago that protects against the virus – but apparently not all hospitals had updated their systems.

There were an astonishing 8,995 data breaches in the 17 largest Whitehall departments in 2015 – a staggering 24 a day, according to the report. Some 98 per cent were at HM Revenue and Customs, pictured, and the Ministry of Justice

There were an astonishing 8,995 data breaches in the 17 largest Whitehall departments in 2015 – a staggering 24 a day, according to the report. Some 98 per cent were at HM Revenue and Customs, pictured, and the Ministry of Justice

The ‘Wanna Decryptor’ virus exploits a vulnerability in Microsoft computer systems that was first discovered and developed by the National Security Agency in the US.

The key to exploiting this was later leaked by a hacker group known as Shadow Brokers.

In March, Microsoft developed a ‘patch’ that protects against the hack – but experts said few NHS organisations had downloaded it.

However, the patch would not have protected the many computers in the NHS still running Windows XP.

Roughly one in 20 NHS computers – 4.7 per cent – run on this system.

NHS Digital said many of these cannot be updated because they are running MRI machines and other major pieces of equipment.

They have advised hospitals to take such items off their main internet networks and run them instead on smaller, more isolated systems to defend them from attack.

I can't go on much longer without seeing a doctor 

Sarah Bibby has been left housebound and struggling to walk because she is unable to book a hospital appointment.

The mother-of-four has been having problems with a catheter and is concerned that unless she sees a doctor it could get worse.

The 36-year-old has sciatica – which causes severe pain in her lower back – and usually takes a dose of morphine four times a day to ease her symptoms.

But since the cyber attack she has been unable to pick up a repeat prescription at Blackpool’s Victoria Hospital, as they cannot access her online records.

Mrs Bibby, who lives in Thornton, Lancashire, said: ‘I’ve been trying to get an appointment since Friday but I keep being told to call back.

'I can hardly move and I can’t get myself cleaned or bathed properly, let alone the kids.’

Her eldest, Cameron, 16, is staying with her parents for now but she has three other children to look after – Alexis, ten, Leland, eight, and Layla, two.

Her husband Daniel, 36, has been helping but has a paralysed arm – the result of a snapped nerve six years ago.

‘I’m usually the one to look after the kids and now he’s having to do it all,’ Mrs Bibby said. ‘He’s doing a great job but we can’t go on for much longer.’

The comments below have not been moderated.

The views expressed in the contents above are those of our users and do not necessarily reflect the views of MailOnline.

We are no longer accepting comments on this article.