back to article How HMRC gave away the UK's national identity

Early last month Her Majesty's Customs and Revenue apologised after a laptop containing data on 400 customers was stolen. At the time the Revenue was praised by the security industry for coming clean and its "refreshing level of ethical responsibility". Earlier this month that it had lost pension records for 15,000 people which …

COMMENTS

This topic is closed for new posts.

Page:

Coat

They're right...

"The banking industry would like to reassure its customers that sort code and bank account, national insurance number, date of birth, name and address details are not enough in themselves for an ID fraudster to access your bank account"

It's true. You have to actively pick up the phone and then SAY those bits of information to the person at the other end with your MOUTH.

Then and only then can the fraud be committed.

0
0
Alert

Free credit record checks

Let's face it - all of the affected individuals are going to have to start checking their credit files on a monthly basis from now on. To suggest that the details that were stolen are not enough to commit fraud is simply laughable.

May I suggest that HMRC arrange for all of the affected individuals to receive free monthly credit reports from Equifax and Experian for the next couple of years?

0
0

The culprit must go as well ... come back, Comp Sci graduates!

Back in the 80's, Clive Ponting and Sarah Tisdall were sent for trial for leaking government information.

As someone has already observed, the idea that someone with sufficient authority to have access to that entire dataset is also incompetent enough to think that it was OK to transfer the data in that fashion beggars belief - they need keel-hauling, as does the chain of command that permitted it.

Perhaps Andy Hopper at Cambridge should now start making more noise about the fact that even a brand new Computer Science graduate would not have made that elementary mistake !!

0
0
Unhappy

what about the safety of children?

So these discs have the names, ages, and address of (hundreds of thousands?) of children?

What if pedophiles get this information?

Unbelievable!

0
0
Unhappy

Sheesh

Questions that should be asked in the house....

Why was a "Junior" person within HMRC able to dump the contents of the database in the first place?

Were the IT Dept involved? If the data fitted one one CD, it'd be a piece of cake, spanning multiple CD's makes it trickier as anyone who has tried such things will know, so the DB was either extracted in two portions or was copied using some form of backup/span. Either way it took a bit more savvy than a simple "File Save".

According to Radio 4 this morning, the NAO questioned the amount of data they had received previously and asked for less identifiable info, but they were sent the same level of detail. So, this dump would appear to be the standard that gets provided whenever a gov.uk employee asks for anything. Where else has this data been sent?

What happened to the previous CDs? We are told they were sent from Newcastle to London, arrived, were used and then returned. Were they ever copied? do the originals or any copies still exist (maybe on someone's desk, gathering dust before being transferred to a draw once they forget what is on them).

According to a spokeswoman on the radio last night, this problem arose because the "systems are old" and the ID card system would be "new state of the art and inherently more secure". Hmm, we need to ask what drugs She is on.

0
0
GT
Unhappy

419 Scamsters

Isn't the lost data exactly what 419 scamsters use to drain your bank account?

0
0
Anonymous Coward

This is where the vaunted Market comes in...

The Chancellor of the Exchequer told the House of Commons that there was "no evidence" that the CD had fallen into the hands of criminals. Let's think that over for a little while, shall we?

1. Everyone in the world no knows that a CD containing 25 million taxpayer records has gone missing.

2. Arguably, there exist criminals who could think of profitable ways to use that information.

3. This is where the wonderful Free Market comes in - the one that Nu Laber ministers have been haranguing us about for 10 years.

4. The putative master criminals make it known that they are willing to pay £X for the CD. Alternatively, if they know who has it, they offer to let that person go on living.

5. Bingo! The CD has wound up in "the wrong hands". See how easy it was? Thanks to the marvels of capitalism, it was just as inevitable as water running downhill.

0
0

quite funny...

"customers can have peace of mind that they enjoy protection under the Banking Code" - yes this is very very enjoyable that the banking code have put things in place, I'm not sure it's an enjoyable experience dealing with it, especially as you now have to go through the bank, the police are not interested in ID Theft, or others fraudulently taking money from your account, probably because they have too many people smoking cigarettes while driving to pull over.

0
0

Physical size of data

"Even 25 years ago, who could have possibly thought this is a safe way to send private information about 25 million people?"

25 years ago, all you would have got in an envelope is a few sheets of paper. The physical storage medium able to contain 25 million records would be the size of a suitcase, and a few years before that the size of a room. Now you can put millions of records on a laptop, CD, DVD, or memory stick the size of your thumb, and lose it in an instant.

Systems should be designed so there is no way copying of vast amounts of data on to portable media. If it needs to be physically transported instead of transferred over secure encrypted comms links, there should only be one place it can be done, and whatever medium is used on should be contained in a lock box changed the arm of a security guard for every second of the journey.

0
0
Flame

@ Not so junior member of staff By Anonymous Coward

No, it would be a middle manager who would have burned the CDs, who then would have thrown the CDs onto a junior's desk and told him/her to send them to the NAO because he can't be arsed to do it properly himself. The junior then sent them un-recorded because the junior knew no better or had no idea of the contents.

The junior will of course have been sacked and had their career ruined whilst the middle manager will be moved sideways to await an early retirement.

0
0
Flame

TNT Bulk mail

TNT bulk mail gets delivered by a contractor who is......

Royal Mail.

So one Government department saves money by sending mail through a private company who uses another Government owned company to deliver it.

The world has gone fucking mad.

0
0

Re Sheesh

"Were the IT Dept involved?"

Has to be. Nobody else has access to the entire database, or a CD writer. Records can be accessed one at a time, and only if the reference number/National Insurance number is known.

The BBC referred to an IT worker this morning.

It's a bit rich the Tories trying to exploit this. Does anyone believe it wouldn't have happened if they'd been in charge?

0
0
Alert

It's Sacking Time

"I work for HMRC (no not in the Child Benefit Office) and I will let you know why the data was sent in CD format - the simple reason is that the vast majority of staff DO NOT have an external email address so they can email info to people outside of HMRC."

Un fucking believable. You WOULD have EMAILED a 25 million record database containing highly sensitive, personal data?

Thank your lucky stars that the Register allows YOU the privilege of remaining an Anonymous Coward - that more than your 'customers' get.

0
0
Ash

@Tom Welsh

"... as inevitable as water running downhill."

Some chap called Archamides solved that issue 300 years before Jesus.

Sennacherib 400 years before him.

0
0
Alert

Goes much wider!

I believe that the data was requested by the National Audit Office as part of the National Fraud Initiative which gathers together data from all sorts of sources and cross references to look for fraud i.e. employees claiming unemployment benefit etc.

There has been a big fuss in Local Government circles (still being tracked and reported by Public Sector Forums) because the NAO inisisted that every Local Authority in the land sent them employee data; all the usual personal info, as well as bank account numbers, sort codes etc. without anyone (in my authority anyway) knowing why. We had 'we might use your data' paragraph on our payslips - but there was nothing about NAO fraud investigations!

There was also no information about how nothing about how the data was sent, was it encrypted, password protected etc. It appears to have been left to each authority to make up its own mind - if memory serves it was also sent to a third party not a government office.

There have even been concerns about the legality of the amount and detail of data being requested by the NAO. I don't know how far the NAO can reach, but it maybe that they can request data from any employer - even yours!

0
0
Happy

I actually feel more secure now!

The chances that:

a) These disks fall into the hands of bad guys

and

b) My details are one the first to be taken advantage off

must be smaller than winning the lottery. So for a minimal risk of being a victim of identity theft from this route we get hopefully better protection from identity theft from all routes if the 'keeping a closer eye on peoples accounts' is to be believed.

As soon as it is found that someone has become a victim because of this there will have to be a massive change over of bank details etc.

0
0

Whould that fit on a CD?

Surly a database containing 25,000,000 records of Name; Bank account details; DOB; NI; Address etc would be quite a few Gigs in size. How did that fit on a CD? Or am I missing something?

0
0
Silver badge

good news and bad news

The bad news is that even if the CD's are recovered there's no way of knowing if someone has copied them in order to sell the data in 6 months time when all the fuss has died down and everyone has stopped checking their accounts as regularly.

The good news is that the general public (ie the morons) are now very aware that the government cannot be trusted with their data. Mothers especially will probably be going ballistic right now - so there's eff all chance of a Nationanal ID database now - not by any government who wants to remain in power at any rate.

0
0
M

Hopefully...

...it two blanks because those measly office worker are too stuuupid to write CD-R and see if the fuss cover up the Northern Rock Fiasco.

What oh you have load those Excel without password, excellent...it sure good time to mention bad news eh!

0
0

@"what about the safety of children?"

"So these discs have the names, ages, and address of (hundreds of thousands?) of children?

What if pedophiles[sic] get this information?

Unbelievable!"

Paedophiles could find out where a large number of children live by walking down any given street in the country and seeing which houses the kids go into and out of. Or they could go to one of those places where lots of kids are stored in one building. What are they called? Schools, that's it.

They don't need a list of names and addreses to find children, you cretin.

Bank details, on the other hand, don't play in the streets where just anyone can see them.

0
0
Unhappy

"... the data lost is not enough to access bank accounts...

No, but it is more than enough to open one. Credit Card, pretty easy once the bank account is established (just deal with that troublesome "Oh I've changed addresses, you must have my old one" step first). Overdraft, pretty much defacto nowadays. Short Term Loan, easy with a solid set of bank account details.

So 25 million details, which ones to pick? Simple, you have the addresses. Think about where you live, now work out which streets the nice middle class people live on and search for those, then pick and choose.

Apply techniques in Paragraph one, and then multiply several thousand times.

I reckon about six weeks of work and you'd be able to set up enough accounts/cards/loans to make a decent amount of wonger. Leave rented house (rented using the database details, naturally - it's easy enough to fake an electric bill and the rest are just numbers) and head for Caribbean to live off your earnings.

No risk? - B*ll*cks. Glad I'm not on the list.

To continue the rant - why is the database accessible by a machine that has a CD/DVD burner attached? Why is the NAO asking for this data in the first place when the data is not supposed to leave the building? Why is the member of staff concerned so blase about the data that he feels it's ok to do this? Why has this happened several times and nothing has been done? Why are there not secure network links between all these government offices? Why are these clowns still in power? Why are they using TNT to deliver secure internal mail?

0
0
Anonymous Coward

@Lee Worthington

If you want to know more, talk to your Fraud department. If you dont know who they are, give you Housing Benefit team a call, they will know.

The Fraud team should know all about it.

0
0
Anonymous Coward

Encrypted or unencrypted?

From the Guardian:

"Darling revealed that although the information on the CDs was not encrypted, but it was password-protected."

Can someone please explain what this is supposed to mean?

0
0

The Govt. department for Database Errors

Doesn't the Gov now have an entire department for this kind of database error - the DBERR (http://www.theregister.co.uk/2007/06/28/brown_assigns_minboff_n_minbiz/) ?

0
0

Title

If it's so easy to get this data out of the HMRC then one wonders how many times it has happened previously that neither the public or the mandarins know about?

If Darling has the gall to say that Bank accounts without passwords cannot be comprised then I suggest that he publishes his own similar details and see what happens.

When they say that ID cards will be on more modern systems with greater security I have a vision that a few years down the line the data will be lost and the politician's excuse will be that procedures weren't followed.

0
0

How many times has it happened before

If it's so easy to get this data out of the HMRC then one wonders how many times it has happened previously that neither the public or the mandarins know about?

If Darling has the gall to say that Bank accounts without passwords cannot be comprised then I suggest that he publishes his own similar details and see what happens.

When they say that ID cards will be on more modern systems with greater security I have a vision that a few years down the line the data will be lost and the politician's excuse will be that procedures weren't followed.

0
0

@Encrypted or unencrypted?

It means that if you open the file in the software package that was used to save it, you will need a password, but if you open it in a plain text or Hex editor (for instance), you will be able to read the contents although they probably won't be formatted.

In short it means the data is effectively unprotected.

0
0
Silver badge

Open letter to the recipients of the CDs

Remember that most politicians, especially the more senior ones, are on the boards of numerous large companies and therefore have huge wads of cash in their bank accounts. Empty these accounts first, you know it makes sense.

0
0
Alien

Securicor ?

Surely this data should have been stuffed into a Armoured Car, sent of with a Police escort and signed for in triplicate by the mothers of the heads of both departments.

Since the government is so into biometrics, why don't they use the damn things themselves, why wasn't the data only accessible in its 25 million format by senior management only upon receipt of a dna confirmed stool sample.

Plus if it was so important to the NAO to have this data why don't they have a secure link into the HMRC with appropriate data access filters why are they even having to ring some "Junior" numpty anyway ??

I know the answers to all these questions are that the government couldn't run a IT project to save its collective asses and we will probably rebuild Iraq with a decent biometric system before we get one !

Alien icon because it feels like they have landed at the moment !

0
0
Anonymous Coward

Blame the IT department

Were I work anything that is copied to removable media is automatically encrypted and can only be read by equipment in the same company. This would be a start.

0
0
Alert

... not enough to access bank accounts...

Yeah, until some enterprising individuals send out surveys to obtain further information to help them scam us all. Ah, but wouldn't that require the addresses of everyone I hear you cry, oh wait, they already have that information too!! So, with a little effort, enough information could be obtained in order to get past any security questions the bank may have. I can hear it no.....Sorry, I can't remember my password....Ok sir, just answer these additional security questions.....mothers maiden name.....place of birth......first pet....very good sir, your new password is xxxxx, thank you and have a good day. I know how easy it is cos I've done it before (forgotten my password that is, not accessed other peoples bank accounts!!). I think it's time to go down to the bank and ask for a new account number, it's the only way to be safe and I thought I had been good shreading everything with personal information on it, why did I bother.

0
0
Silver badge
Go

Just sent this to my MP ...

... via http://www.writetothem.com. Please feel free to use it as a template:

Dear ,

I am extremely concerned about the loss of data from HMRC. There is something fundamentally wrong with the whole system:

1. How was an entire data dump to removable media even possible without at least several layers of security and permission?

2. Why was sensitive information sent in unencrypted form (this would apply regardless of the means used (see point 3 below)?

3. Why was physical transfer of data disks necessary? It should have been possible to send this directly via a network (though see point 4 below).

4. What does the National Audit Office want the information on 25 million people for? (I have one legitimate answer in mind, but I want to know yours).

5. Why was a courier service with a known lousy record chosen for this service? What was wrong with supporting the Royal Mail?

Beyond these questions on the specific incident, there are three others:

a) Will you support a full investigation of this incident, with penalties including prosecution under the Data Protection Act ?

b) Will you support the creation of a government-funded compensation and assistance scheme for any victim of identity fraud if it can be shown that, on the balance of probability, their data came from this database?

c) Do you still support the creation of a national ID database in the light of the incompetence shown here?

Yours sincerely,

0
0
Stop

Imagine this leak after the Biometric ID is in place...

So if the govt goes ahead and creates the National ID scheme, including Biometric details of each of us, they would have to be stored in a database, probably beside our names, or National Insurance numbers, or bank details, or the names of our children, or our addresses.

Then someone asks for a copy and it goes missing.

The Chancellor & APACs say not to worry, meanwhile I am cutting off my own fingers and gouging out my eye!

Not only is this a disaster, but further ID card schemes, especially Biometrics will only add to the problem.

0
0
IT Angle

We now know whodunnit (kind of ...)

... turns out - according to the Daily Mail - our 'junior official' is a 'computer specialist'. Sorry guys but you are evidently part of the problem, not the solution (hear me BOFH?)

http://www.dailymail.co.uk/pages/live/articles/news/news.html?in_article_id=495369&in_page_id=1770&ct=5

0
0

Every organisation in the UK...

... is bound by the EU data protection laws. These are pretty clear cut when it comes to handling of data. The data should only be made available to those users who have valid business reasons to do so. So making the entire database available to someone in a completely different department breaks not only their internal precedures but the law in about 10 different ways.

The perpetrator of this has not even been fired according to reports.

My company test each and every one of us on these rules once a year to ensure we are familiar with the legislation. I know many other organisations do this too. It affects our bonus payment if we do not take these refresher courses.

If I did what this guy had done, even if it hadn't hit the media, I honestly think I'd be sacked.

What we've got here is the antiquated British civil service still floundering where most firms were 10 years ago.

The government enforce a the EU legislation but are completely incapable of adhering to it.

I for one will never have an ID card.

0
0
Thumb Down

Customer?

I object to being called a "customer" of HMRC and always have since they started using it some years back with the advent of "Hector" IIRC. The word implies choice. HMRC are an unelected, and largely unaccountable government body who I have no choice but to liaise with and use, and if they screw up I am lucky to get so much as an apology. If however I screw up, I get draconian penalties and fines. What supplier treats its customers like that?

Pah!

0
0
Pum

Does Alistair Darling have kids?

Two kids I believe! So his details should be on the disk - oh the irony of it!

Dear Whoever has those disks,

please search for "Darling, A" and fleece him first!

Alistair, if you're reading this, no need to worry - it's not encrypted, but it has a password!

0
0
Pum

Data Protection Act no use ...

... as they almost certainly have crown immunity - laws like that don't apply to them, just the "little people".

0
0

Am I missing something here...

...isn't this what the Government Secure Internet (GSI) supposed to be for?

(notwithstanding the DPA issues about data sharing)

...and for the biometric worriers - if your biometric info goes missing is it any good without your thumb or your eye.

0
0

And this is what we will not do.....

In OUT LAW (produced by Masons...) the following -

"A data breach notification law was recommended in a recent report by the House of Lords' Science and Technology Committee. Last month the Government responded (16-page / 90KB PDF) that it was "not so convinced as the Committee that this would immediately lead to an improvement in performance by business in regard to protecting personal information and we do not see that it would have any significant impact on other elements of personal internet safety."

The Government said it would "continue to observe the US experience and consider whether we need to find more formal ways of ensuring that companies do – as a matter of routine – contact the Office of the Information Commissioner when problems arise."

Aha, we can feel happy in our beds, the gov is watching what the US is doing......

0
0
Boffin

Securing a CD

I've been wondering about this - but haven't had time to play with it.

Couldn't one use TrueCrypt for securing a CD?

1. Create TC image on disk, just under CD size, using required level of paranoia settings you wish.

2. Mount the file, put files in it.

3. Unmount the file, then copy the TC file to the CD itself.

This assumes, of course, that one can securely provide the passcode to the person receiving it.

I'm not saying it is a good idea for the government to do this, but I'd think this would work (haven't tried it yet)

0
0

Re: Customer?

Quite -- Ifind it mildly amusing, and extremely innapropriate, that an organisation that extorts money from people should call it's victims "customers".

0
0
Black Helicopters

Customers

Havent you heard ??

"Customers are at the heart of everything HMRC does"

Doesnt it give you a nice warm feeling inside to hear that ??

0
0

Illogical Reasoning

On BBC News this evening they said that the reason why *all* of the data was sent rather than just the names and NINOs was that it was too complex to extract just that data. Lesson number 1 in SQL:

select firstname, middlename, surname, NINO from ChildBenefits order by surname

GO

OK, it might be a little more complex than this as it's probably an ancient ICL or DB2 database. Perhaps it's true they are under-resourced in the IT department or perhaps EDS said it would cost £3000 to do the job. Or perhaps the next batch slot to run the query was in 2008.

0
0
Alert

Data Protection laws

Are useless, what I don't understand is why this isnt a breach of the Official Secrets Act which all government information, like that leading up to the Iraq War, is supposed to be governed by? Or is prosecuting those who expose embarrassing / criminal acts by our government more important than the ID fraud of 25 million Britons?

0
0
Lee

Douglas Adams knew this would happen

" Just look at cash point machines, for instance. Queues of people standing around waiting to have their fingerprints read, their retinas scanned, bits of skin scraped from the nape of the neck and undergoing instant (or nearly instant-a good six or seven seconds in tedious reality) genetic analysis, then having to answer trick questions about members of their family they didn't even remember they had, and about their recorded preferences for tablecloth colours. And that was just to get a bit of spare cash for the weekend. If you were trying to raise a loan for a jetcar, sign a missile treaty or pay an entire restaurant bill things could get really trying.

Hence the Ident-i-Eeze. This encoded every single piece of information about you, your body and your life into one all-purpose machine-readable card that you could then carry around in your wallet, and therefore represented technology's greatest triumph to date over both itself and plain common sense. "

0
0
Anonymous Coward

David - missing biometrics

I don't think it's a problem of the crims *using* your biometrics once they're nicked, though if they can access your environment, they may well be able to fake your fingerprints. It's more a problem of the false sense of security that embedding everything in a biometrics-based system gives.

Most checks against the biometrics will compare the local reader's findings with what's on your ID card. Once ID cards can be forged (and don't doubt it will happen) the crim will associate your ID with their biometrics on a card and everyone will take it as gospel. Which makes the whole biometrics thing useless for basic verification.

Having biometric data in a database doesn't make the database any safer, either, despite what that nincompoop at the despatch box said.

0
0

Page:

This topic is closed for new posts.

Forums