Lost drive? So what?
The drive was securely encrypted and data further encrypted/obfuscated to frustrate any attempts at unauthorised recovery.
They only have to worry if their procedures were so lax as to allow someone to attach a generic drive (unencrypted) and to copy the data over in the clear.
And only total amateurs would allow such a thing to happen, professionals dealing with vast amounts of sensitive information would be experts at handling such information securely.
Ad-hoc encryption (just write it into your procedures) is a piece of piss, has no real overhead and is better than nothing (just try TrueCrypt if you don't believe me).
System-wide encryption is harder but still doable and is certainly cheaper than having your ass sued off when (not "if", "when"!) you lose the data vessel.
There is no excuse for sensitive data of any kind leaving a facility in the clear other than gross incompetence/negligence.
Perhaps the USA would like some advice from the UK government on data securty?
Oh...wait a minute...
- NASA boffin: RIDDLE of odd BULGE FOUND on MOON is SOLVED
- SOULLESS machine-intelligence ROBOT cars to hit Blighty in 2015
- BuzzGasm! Thirteen Astonishing True Facts You Never Knew About SCREWS
- Worstall on Wednesday YES, iPhones ARE getting slower with each new release of iOS
- Tor attack nodes RIPPED MASKS off users for 6 MONTHS