Lost drive? So what?
The drive was securely encrypted and data further encrypted/obfuscated to frustrate any attempts at unauthorised recovery.
They only have to worry if their procedures were so lax as to allow someone to attach a generic drive (unencrypted) and to copy the data over in the clear.
And only total amateurs would allow such a thing to happen, professionals dealing with vast amounts of sensitive information would be experts at handling such information securely.
Ad-hoc encryption (just write it into your procedures) is a piece of piss, has no real overhead and is better than nothing (just try TrueCrypt if you don't believe me).
System-wide encryption is harder but still doable and is certainly cheaper than having your ass sued off when (not "if", "when"!) you lose the data vessel.
There is no excuse for sensitive data of any kind leaving a facility in the clear other than gross incompetence/negligence.
Perhaps the USA would like some advice from the UK government on data securty?
Oh...wait a minute...
- Product round-up Six of the best gaming keyboard and mouse combos
- China building SUPERSONIC SUBMARINE that travels in a BUBBLE
- Boffins attempt to prove the UNIVERSE IS JUST A HOLOGRAM
- Review Raspberry Pi B+: PHWOAR, get a load of those pins
- 6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)