The Department for Work and Pensions (DWP) has admitted that it does not keep a running total of security breaches committed on its sensitive Customer Information System (CIS) database, prompting accusations that it is not taking adequate steps to protect personal data from intruders.
[…]
The DWP said it did not know how many security breaches had been committed by the 200 000 staff across all the organisations who routinely use the CIS.
“Central records are not maintained of this information and thus it is not possible to answer your request without collecting this information,” the DWP told Computer Weekly in answer to a Freedom of Information request. It saidcollecting the information would be too costly.
Read more on InfoSecurity (UK)
Thanks to Brian Honan for this link.