Government have lost millions child benefit bank details

weymuffred

hotblu wrote: »

Hello dmg24,

As I said, understand where your coming from and guess your right, just wait and see. But, if it was as simple as the discs are in a postal room (mislaid) etc I belive they would have been recovered by now. HMRC have gone as far as searching DWP offices (when it's got nothing to do with them). Because I work for them and sometimes get a better understanding (not in this case) of what's going on I am very worried as I have no trust in HMRC. I agree we shouldn't panic, but a little easier said than done, after all this is the largest scale data protection breach in UK history- don't really think much you can compare past breaches and outcomes to this one.

Hotblu

And we why did they wait so long before making it public?

wherediditallgo

There may well be an element of scaremongering involved. However, in many cases, benefit is the only money coming into the houshold, & sometimes all the benefits go into one account. If someone's household income is so limited & they are so dependent on that money, sitting & waiting isn't going to be good enough. The children still need to be fed, clothed etc, & those parents need to know what they should be doing to get their benefit on time & securely from now on.

Jo_F

I for one am not panicing, but, I was one that was forced to get a basic account to have this money paid into, the system with the payment book worked so why change it? So I sorted out an account like I was told to do, and I gave the information to the CB people.

I trusted a faceless organisation with my personal details and those of my children.

And now I find out that they have 'lost' a copy of that information, if this was a bank or some other company then I could vote with my feet and go elsewhere, but what can I do when it's a government department? Basically nothing, I have to take what this government dishes out, no matter how hard I try to vote them out.

Well I am sorry Mr Darling, but your apology in the commons yesterday just isn't good enough, Sorry means that you regret it and that you won't let it happen again. I don't belive you, this is one in a line of information that has 'wandered' and sorry just doesn't cut it.

What they should be doing now is arranging for new NI numbers for those affected, new CB numbers for the children (as these CB numbers will become the child's NI number), and paying for the extra security on everone's credit files to ensure that any activity is flagged and investigated.

A point that was made on another forum is that these disks contain the details including addresses of service men and women. and their children, what a wonderful thought if these disks don't fall into the hands of a your regular fraudster!

If some solicitor out there is considering DPA action against the HMRC and the Government, then I for one want to be included in action against them, I am bound by the Official Secrets Act, this goes way further than that, and as such they HAVE to be held accountable.

Debt_Free_Chick

hotblu wrote: »

The bigger picture is, whoever has the discs will sit on them until the dust settles. They can then use your details to do the following and more; open bank accounts, apply for credit cards, access your exsisting bank accounts, divert your child benefit payments & child.working tax credits payments, make fraudulent claims for other benefits etc etc.
Also, what HMRC haven't mentioned is that every child in the UK is issued with a National Insurance number at birth, so imagine how long this could go on for if they have your childrens NI numbers. They could do the same to them as to you in years to come.

Can you please explain how a fraud can be committed?

If I post my name, address and bank details on here, how can someone open an account in my name?

Anyone who has opened an account will know that you have to provide PROOF that you are who you claim to be and PROOF that you live where you say you live.

So ... you need to supply a birth certificate, passport, driving licence or other evidence of your identity.

And you need to supply a recent bank statement, utility bill or CT bill to prove you live where you say you live.

And then, everything to do with that account gets sent to your home address anyway i.e. it gets sent to you.

So how .... just how .... can knowing some details actually result in identity fraud?

Debt_Free_Chick

The DPA is not and never was intended to guarantee that mistakes would not happen, or that your details would not be accidentally revealed.

The DPA requires those that control data to have adequate systems in place to minimise the risk of unauthorised disclosure of personal data - not to eliminate it.

The DPA is concerned with overall systems & controls. If the system works "most of the time" and is considered to be generally robust, then the IC will take no action.

Personally, I think the media are simply hyping this up ..... like most other things.

Fran

Debt_Free_Chick wrote: »

So how .... just how .... can knowing some details actually result in identity fraud?

If someone did have details they could then target people and raid their bins such as happens already couldn't they? I agree it's not as simple as that though and only the richer amongst us should be worried because if I had those discs I wouldn't waste time with the poorer majority - as it's Child Benefit anyone with children can claim.

wherediditallgo

Debt_Free_Chick wrote: »

Can you please explain how a fraud can be committed?

If I post my name, address and bank details on here, how can someone open an account in my name?

Anyone who has opened an account will know that you have to provide PROOF that you are who you claim to be and PROOF that you live where you say you live.

So ... you need to supply a birth certificate, passport, driving licence or other evidence of your identity.

And you need to supply a recent bank statement, utility bill or CT bill to prove you live where you say you live.

And then, everything to do with that account gets sent to your home address anyway i.e. it gets sent to you.

So how .... just how .... can knowing some details actually result in identity fraud?

I don't think it happens from one bit of data, but from being able to marry up at least two bits of data related to one person. The cd will contain addresses, NI numbers, account info etc. Assuming the data can actually be read, it's possible for the data to be sold by region. Also, a lot of people don't shred their financial paperwork, so having addresses would make it easy enough to raid the rubbish & get documents that way. One person couldn't do a lot with the info themselves, but dividing it up amongst several people could do a lot of damage.

When money was taken from my friend's bank account a couple of years ago, no paperwork was needed. Her bag was stolen while we were in the pub, & her debit cards were in it. So the thief knew where she lived (she had a letter in a bag), had her account number, knew her bank & knew her name. Within the two hours between the bag being taken & being noticed as missing the person had done a small sop & had taken money on cashback from Sainsbury's who'd allowed them to get it without a PIN, & had also rung the bank trying to get an overdraft authorised immediately on the account. Even though the theft was reported the same night & the cards stopped, the crooks were still able to use one of her cards to buy a dvd player in another shop two days later. :mad: You can't rely on the card being stopped to block a transaction.

Also, if someone has money paid into an account which is known to carry a debit card, it's possible to order on the internet & get the item delivered to another address without providing any paperwork. I don't know how much notice is taken of the security code on the back of the card, because one day I ordered something & quoted the code from another card by mistake - the goods still arrived. It won't work in every instance, but if a crook gets even 5% of what they aim for, they're still quids in. And you can order a copy of a birth certificate over the internet for under £10 without providing any other evidence of your identity.

davethecue

Hi
If we had all been forced into ID cards by now,would they have to be scrapped and re-issued ?
Or maybe they will put everyone's data on a couple of CD's and put them on e-bay sorry I mean put them in the post

Wyndham

Am I the only person who is wondering why on earth they were copying data onto disks in the first place? Don't we live in the electronic age? There are many and varied ways to send files between different systems, with lots of levels of encryption if required.

It's just odd for any halfway decent organisation to do it this way.... oh, hang on, I see!

kelloggs36

Quite. As the information is so sensitive, why did the NAO not travel up to the Child Benefit Centre and carry out the audit (or whatever it was for) there? There was no need for this info to be taken out of the office at all. HOwever, I do feel sorry for Mr Darling (and I really don't like him!!!) as whilst he is responsible for the Treasury, he has absoloutely no idea of how the systems work and ALL the staff involved - the person who copied the stuff, the manager who authorisied it being sent in the post and the NAO person who requested the info should all go as they were all directly involved in this huge co** up. Whilst some may see Mr Gray's departure as premature, he has done the right thing by not doing as the Chief of Police has done and hang on in there despite calls for his resignation. I admire him for that but he should be made to stay to investigate what the hell went wrong and then leave.