1 post • joined 8 Nov 2007
I'm an Information Security Professional and a victim
I'm an Information Security Professional and a victim of this, our government (rightly) expect companies to secure people's personal information (DPA), yet here is a government department who has yet again breached our trust.
There are several secure alternatives that the HRMC could of used to transfer this type of data to Standard Life, pretty much all of them are actually cheaper and more efficient that putting non-encrypted data on a CD and shipping by a courier.
Why has it taken so long to disclose? They knew about the lost CD for over a month before telling the folks that were affected.
Finally when I called them on Monday for more info about it, I was completely misled, and was told the data on the CD was encrypted, when it wasn't, which I had confirmed today.
This is just complete incompetence on HMRC's part, and it's not like it's the first time they done this sort thing, if it was a company rather than government I would certainly expect to see a big fine.
Read my Blog blog.itsecurityexpert.co.uk for more details.
- Hi-torque tank engines: EXTREME car hacking with The Register
- Review What's MISSING on Amazon Fire Phone... and why it WON'T set the world alight
- Product round-up Trousers down for six of the best affordable Androids
- Antique Code Show World of Warcraft then and now: From Orcs and Humans to Warlords of Draenor
- Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...