Southend-on-Sea borough council in the United Kingdom is reviewing its procedures after a laptop computer containing social services case notes on local children turned up on the eBay auction website. The council disposes of its used computers through not-for-profit organization Revitalise, which employs disabled people who work with IT technicians to recondition used computer equipment for cheap resale to schools and voluntary groups. A council spokesperson said the laptop had “gone missing” from Revitalise, but the council had not been aware of the loss until the individual who bought the machine on eBay found the social services information and reported the matter to the council. The data found on the machine is understood to include fostering, adoption and child protection information dating from between 1999 and 2003, The laptop is now in the possession of Essex and Surrey Police. The spokesperson confirmed that Revitalise was supposed to wipe hard-disk drives before reselling the machines. He added that the council did not know how many other computers had gone missing from the organization. The council is contacting the families of the children whose details were found on the recovered laptop and has also set up a helpline. Paul Greenhalgh, corporate director of children and learning at the council, said: “We are taking this matter very seriously. We are working with the police and have conducted a full investigation and review of our IT disposal procedure. As a further safeguard we have commissioned the Society of IT Management to undertake a further audit of our procedures.” The council said this was the first incident to have come to light in the five years since Revitalise began handling its used computers and it was “in dialogue” with the organization to find out how the problem occurred. The loss of the Southend machine follows a string of other recent data security breaches involving laptops. Earlier this week, Marks & Spencer warned 26,000 staff that their personal data was at risk following theft of a laptop computer containing pension information from a printing firm contracted to produce pensions correspondence. Last week a laptop holding payroll data on 10,000 NHS staff was stolen from locked and alarmed premises at the Royal Cornwall Hospitals trust. And in March, police recovered another NHS laptop, containing the names, addresses and dates of birth of 11,500 children, which had been stolen from Nottinghamshire Teaching primary care trust. — Tash Shifrin, Computerworld UK Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe