Government have lost millions child benefit bank details

HopeElizzy

Like most others on this thread I am concerned about the monetry problems associated with the loss of our information.
BUT I am more concerned with the fact that someone has my children's details. If information like this is sold on could it find it's way into the hands of paedophiles? They would have my children's names, addresses, date of birth - I feel like this has endangered my children. I hope I'm over-reacting but I find it very worrying.

dealsearcher

HMRC is an organization that doesn't just request our data it demands it. You get a tax demand not a tax request. Failure to provide the required information can and often will result in legal action against you. Therefore these people are under the highest obligation to ensure our information is kept secure and by the most secure method.

This along with the shear magnitude of the numbers of people effected (nearly half the entire population) makes it beggar belief that such an elementary mistake could have been made.

Hotblu has made some very good points and as an employee of HMRC who states that they can not see how this information could have been copied in the first place I for one am worried. It is quite possible that fraud has already occurred within the relevant department of HMRC. A disgruntled worker? It appears that is all it would take for 25 million citizens to have their data stolen. Clearly one worker, disgruntled or otherwise, had access to all of this data and could copy it.

Jo_F

And would you belive it, but I have just found out via another forum that these government departments are excluded from the DPA.

Oh and found this too
http://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&rd=1&item=290184203092

Mikeyorks

Jo_F wrote: »

And would you belive it, but I have just found out via another forum that these government departments are excluded from the DPA.

No .. I wouldn't believe it ..... because it's totally untrue. All HMRC systems are registered with the appropriate DPA certification -although whether this tax credit system is registered to supply data to an external NAO system .... is a different matter.

kelloggs36

Jo_F wrote: »

And would you belive it, but I have just found out via another forum that these government departments are excluded from the DPA.

Oh and found this too
http://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&rd=1&item=290184203092

Perhaps Mr D would like to bid for them to get them back lol!!!! I thought that this was really funny (although of course the situation is not funny at all!!)

Mikeyorks

HopeElizzy wrote: »

They would have my children's names, addresses, date of birth - I feel like this has endangered my children. I hope I'm over-reacting but I find it very worrying.

Yes ... I seriously consider you're over-reacting. But you might wish to consider that the HMRC data possibly puts them less at risk than your publishing what I imagine are their pictures .. as your avatar? I don't personally see paedophiles around every corner .... but in this rather odd day and age, it's not data I would make freely available?

James

It has happened so here are some suggestions what actions you can take:

HMRC Data Breach - What to do.

cwp500

how about a conspiracy theory on this one?

Is it all some clodhopping false flag excercise?

Oh dearie me, 25 million peoples private data has been mysteriously lost in the post (why the hell they used one of the least secure despatch methods is a mystery). The Government decides that, to prevent any such occurence in the future a master database is to be set up incorporating all such data and linked to fingerprinted i.d. cards.

Image recognition software will be used to "purge" duplications and fraudulent claims.

To ensure that the system is sound, there will be "random" checks and investigations made across the whole database to "ensure that genuine claimants are receiving their correct entitlements."

fantasy?

cwp500

kelloggs36 wrote: »

I do feel sorry for Mr Darling (and I really don't like him!!!) as whilst he is responsible for the Treasury, he has absoloutely no idea of how the systems work and ALL the staff involved - the person who copied the stuff, the manager who authorisied it being sent in the post and quote]


Agreed but, assuming its not some false flag excercise to bully through further inroads into civil liberties, Darling has to be made an example of - Brown doesnt need any more lame ducks.

Tony Blair must think it is all hilarious.

Mikeyorks

blind-as-a-bat wrote: »

Personaly i would like to see some sort of information regarding how it was encrypted then we all could asses the threat for ourselves with the above in mind

It wasn't encrypted ... it was just password protected. Had it been encrypted - then Alistair Darling would have added that yestyerday, when he was struggling for any 'good news' in the Commons.

I don't go with any conspiracy theories .. this is just a piece of idiocy, and compounded by NAO asking for bulk data without the name / address data being anonymised. As alleged custodians of auditability ... they, in particular, should know better.

But I do remain puzzled (post #14) as to how anyone gets 25M records each containing name / address / dob / NINO etc etc ..... onto 2 x CDs. As HMRC do not opt for data compression on the address etc. Suspect the children's records have minimal data - and linked to the family record by reference. Even so, still a tight fit.

I'm also puzzled as to how an HMRC employee managed to copy the data. HMRC contract their IT .... it hasn't been done in-house for 15 years. They do have smallish IT units on their major sites, such as this one, for looking after all the PCs / local spreadsheet applications etc. But that does not usually extend to database manipulation - as the custodianship of all of that is part of the contract with their IT partner. So I'm a bit puzzled that the data was allegedly copied onto disc by HMRC - suspect there's a bit missing in the telling there? But I hope Mr Gray checked out it was one of his staff - before he jumped.