Myreader.co.uk  
uk news, chat and community
   home   |   control panel login   |   archive   |  
 
media
animation.anime
books.sf
broadband
broadcast.commercials
dvd
films
films.carry-on
home-cinema
media
newspapers
postproduction
radio.archers
radio.bbc-r1
radio.bbc-r2
radio.bbc-r3
radio.bbc-r4
radio.bbc-r5
radio.bbc-world-service
radio.hospital
radio.misc
radio.radcliffe
  
 
date: Wed, 21 Nov 2007 01:09:49 GMT,    group: uk.media        back       
Massive Breach in UK: Data on 25 million Benefits Claimants Lost in Post    
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Massive Breach in UK: Data on 25 million Benefits Claimants Lost in Post

Via NY Transfer News Collective  *  All the News that Doesn't Fit
 

This story is also at Channel 4 News here: http://tinyurl.com/34tzvg

The Telegraph (UK) - Nov 20, 2007
http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2007/11/20/ncustoms620.xml

Data on 25 Million Benefits Claimants Lost in Post

By Gordon Rayner and Andrew Porter

Every parent in the country has been put at risk of fraud and
identity theft after the Government lost 25 million personal records
in Britainbs worst ever data protection breach.

Two compact discs containing bank details and addresses of 9.5
million parents and the names, dates of birth and National Insurance
numbers of all 15.5 million children in the country went missing
after a junior employee of HM Revenue and Customs put them in the
post, unrecorded and unregistered.

Alistair Darling, already under pressure over the Northern Rock
crisis, revealed the "inexcusable" blunder to incredulous MPs,
admitting that there was still no trace of the CDs more than a month
after they went missing.

The Chancellor, who first learnt of the "catastrophic" breach eleven
days ago but only disclosed the first details, insisted there was
no evidence the information "has found its way into the wrong hands."

But experts warned that the data could be hoarded for years by
criminal gangs before being used to commit fraud on an unparalleled
scale.

It means every family in the country will have to remain vigilant
for years to come, keeping a close watch on their finances for any
sign of fraud.

The discs -- which were not encrypted -- also contained all the
information a criminal would need to commit identity theft by
applying for loans, credit cards and goods in someone else's name.

Children's charities also warned that the information would be
"extremely useful" to paedophiles who could target specific children
and pose as their parents.

The failure by an agency which reports directly to Mr Darling piled
further pressure on the Chancellor in a week when he has already
faced huge criticism of his handling of the Northern Rock crisis
and on the same day that figures showed he was likely to overshoot
his B#38billion borrowing target for the year.

Shadow Chancellor George Osborne also suggested the fiasco marked
the "final blow" for the government's controversial National Identity
Card scheme because "they simply cannot be trusted with people's
personal information."

As well as questions over how the CDs could ever have been allowed
to get into the postal system, Mr Darling was grilled over why the
public had been kept in the dark for so long.

The CDs were posted on October 18 from HMRC's offices near Newcastle,
but failed to arrive at their destination, the National Audit Office
in London.

Managers at HMRC were not informed until November 8, and Mr Darling
was told on November 10, but the police were not called in until
November 15 -- a week after managers were told and five days after
Mr Darling knew about it.

HMRC said the staff member who sent the CDs assumed they had gone
missing in the postal strike or in an office move by the NAO and
kept quiet "hoping that it would turn up."

Paul Gray, chairman of HMRC, resigned over the affair, but Mr Darling
has not offered to quit.

Searches for the CDs -- which were being handled by parcel firm TNT
- -- are being carried out by the Metropolitan Police and an inquiry
into HMRC's breach of its own data protection rules has been launched
by the Independent Police Complaints Commission.

Mr Darling has also ordered an independent review of security
procedures at HMRC, which admitted just days ago to losing CDs with
the records of 15,000 Standard Life customers on them.

Mr Darling, who looked shellshocked as he revealed the scale of the
security breach to parliament, tried to reassure parents that
measures had already been put in place to prevent the information
being used for fraud, but advised all families to "check their bank
statements for any unusual activity."

He said: "The missing information contains details of all Child
Benefit recipients: records for 25 million individuals and 7.25
million families.

"These records include the recipient and their childrenbs names,
addresses and dates of birth. It includes Child Benefit numbers,
National Insurance numbers, and, where relevant, bank or building
society details."

The missing details account for almost half the entire UK population.

Child Benefit is paid to the parents of every child in the country,
regardless of their income, and can be paid up to the age of 20 if
the teenagers are studying for A-levels or on an approved training
scheme.

HMRC said the CDs had the details of 15.5 million children, 7.25
million claimants, and 2.25 million "alternative payees" -- spouses
or carers.

It confirmed that every parent in the country with children under
16 -- even the Prime Minister himself -- was affected.

Banks and building societies are now bracing themselves for a flood
of requests from customers to change passwords and pin numbers,
many of which are based on family names and dates of birth.

There were gasps in the Commons as Mr Darling outlined the background
to the security breach.

He said the chain of events began in March when a junior official
at HMRCbs offices in Washington, Tyne and Wear, sent two CDs
containing its entire Child Benefit data to the NAO at the NAO's
request.

On that occasion the CDs arrived and were returned safely.

Then in October the NAO made a similar request "and again at a
junior level and again contrary to all HMRC standing procedures"
two password-protected CDs were sent in the post using the courier
TNT.

Mr Darling added: "The package was not recorded or registered. It
appears the data has failed to reach the addressee in the NAO."
Incredibly, when it became obvious the CDs had not arrived, "a
further copy was sent by registered post which did arrive."

To ironic laughs from opposition MPs, Mr Darling added: "It is
highly likely that there have been breaches of the Data Protection
Act."

Mr Osborne said the Chancellor had "compromised the safety and
security of every family in the land."

He added: "Half the country will be very anxious about the safety
of their family and the security of their bank accounts and the
whole country will be wondering how on earth the Government allowed
this to happen. What is the point of this house passing laws to
protect the privacy of personal information if those laws are not
even enforced in the heart of Government?"

Acting LibDem leader Vincent Cable suggested the Treasury had now
replaced the Home Office as the department "not fit for purpose."

Explaining the delay in going public with the news, Mr Darling said
banks had asked for as much time as possible to "put in place
safeguards to protect people's accounts."

He added: "If someone is the innocent victim of fraud as a result
of this incident, people can be assured that they have protection
under the Banking Code so they will not suffer any financial loss
as a result."

Frank Abagnale, the reformed fraudster whose life story was turned
into the film "Catch Me If You Can," told the Daily Telegraph: "If
I had to bet I'd say someone internal had been paid to allow that
information to be stolen. They knew it was extremely sensitive."

Mr Abagnale, now a leading consultant on fraud and identity theft
who has advised the British Government on its ID card plans, said:
"If you have this data you are not going to use it today, not even
this year, but perhaps in two to three years time the breach will
show up.

"To the criminal, the longer they sit on this information the more
valuable it can become. They can sell off the information a bit at
a time. People can change their bank, their credit card, but they
cannot change their name and date of birth, or national insurance
number, and that is why this data is so valuable."

Mr Abagnale agreed that ID cards were a bad idea because: "You
cannot trust any agency with people's personal data."

Michelle Elliott, of children's charity Kidscape, said: "Could it
be any worse? Every parent in the country should be in uproar about
this. We are in a society where people won't even allow their
children's names to be printed in local papers because they are
afraid that information will be used by paedophiles, and now the
details of every child and parent in the country is out there,
perhaps in criminal hands. It goes without saying this data would
be extremely useful to paedophiles."

                                 *
=================================================================
 NY Transfer News Collective     *    A Service of Blythe Systems
           Since 1985 - Information for the Rest of Us
            Our main website:   http://www.blythe.org
   List Archives:       http://blythe-systems.com/pipermail/nytr/
   Subscribe:     http://blythe-systems.com/mailman/listinfo/nytr
=================================================================

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (FreeBSD)

iD8DBQFHQ4Vaiz2i76ou9wQRArZaAJ4+ZL/c3IPf9uarO+Je2P7KvF/u7ACgiU2s
x/6AULSlOLiF+kt8P0W/dEE=
=V6SO
-----END PGP SIGNATURE-----
date: Wed, 21 Nov 2007 01:09:49 GMT   author:   unknown

Google
 
Web myreader.co.uk


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us