The Leicester City Council has lost a USB memory stick that contained security codes which could allow access to people's homes, as well as medical information on 4,000 vulnerable and elderly people under its care.
The USB stick, which was lost by LeicesterCare, a support service for vulnerable people offered by the council, also contained access codes for 2,000 people who use them to open boxes that contain the keys to their homes.
A spokesperson of the council, which is being investigated by the Information Commissioner's Office, said that it had informed the affected residents about the breach, along with their next of kin. The council also said that it was in the process of changing the access codes for the 2,000 people.
“At this time we have no reason to believe this data has been removed deliberately. However, whilst we have been assured by our supplier that the information on the device is not accessible to anyone who may find it, we are taking every precaution to maintain the security of our LeicesterCare users,” the spokesperson said in a statement.
The council could face a hefty fine from the ICO as the data protection regulator confirmed that it was aware of the breach and was making inquiries into the matter.