The most recent and biggest single data breach by the MoJ was the loss of an unencrypted memory stick containing personal details of employees in March this year.
In the second biggest breach in the past year, MoJ supplier EDS lost a portable hard disc in September 2008. Initial reports indicated that thousands of records had been lost, but the MoJ said only 256 staff members were potentially affected.
These and two other incidents accounted for the loss of 1 849 records reported to the Information Commissioner's Office (ICO).
The MoJ admitted to losing an additional 157 records in another six minor data losses that "did not fall within the criteria" for reporting to the ICO. These incidents involved the loss of inadequately protected electronic equipment, devices or paper documents, or the unauthorised disclosure of data.
Although thousands of people are potentially affected by the breaches, this marks a improvement on the MoJ's performance the previous year.
In the annual accounts for the preceding year, the department admitted to losing the personal details of 45 000 people in nine separate incidents.
The MoJ said in a statement that the department takes the protection of personal data extremely seriously and is committed to ensuring that information is shared in a safe and secure way.
"Whilst any loss of data is regrettable, all Ministry of Justice incidents have been reported and the necessary action taken", a spokesman said.
The MoJ has set up a dedicated Information Assurance Programme for the coming year to address information risks and inspire public trust and confidence, he said.
"All staff have now undertaken mandatory training to raise their awareness of the vital importance of data security", he said.
This article was first published by Computer Weekly