A debit or credit card with an RFID chip? Not a good idea! Watch the video below:
WikiNews, Tuesday, November 20, 2007
British Chancellor of the Exchequer Alistair Darling announced to a shocked House of Commons today that two password-protected — but not encrypted — computer disks containing the entire Child Benefit database have been lost in transit between the offices of Her Majesty's Revenue and Customs (HMRC) in Washington, Tyne & Wear and the National Audit Office (NAO) in London, in what has been described as "one of the world’s biggest ID protection failures".
The database contains details of all families in the UK who receive Child Benefit — all families with children up to 16 years of age, plus those with children up to 20 years old if they are in full-time education or training — estimated to contain 25 million individuals in 7.25 million families. Among other items of information, the database contains names, addresses, dates of birth, child benefit and National Insurance numbers, and where appropriate, bank or building society account details.
The discs were created by a junior official at the HMRC in response to a request for information by the NAO, and were sent unregistered and unrecorded on 18 October using the courier company TNT — which operates the HMRC's internal mail system. When it was found that the discs had not arrived for audit at the NAO, a further copy of this data was made and sent — this time by registered mail — and this package did arrive. HMRC were not informed that the original discs had been lost until 8 November, and Darling himself was informed on 10 November.
The violation of data protection laws involved in the creation of the discs has led to strong attacks on the government's competence to establish the proposed National Identity Register, when all UK residents will have an identity card. Conservative Shadow Chancellor George Osborne described the loss of data as "catastrophic" and said "They [the government] simply cannot be trusted with people's personal information".
The Chairman of HMRC, Paul Gray, has resigned over the affair, and critics are calling for Darling to do likewise.
This is the third data embarrassment for HMRC in recent weeks — earlier this month it was reported that the details of over 15,000 Standard Life customers had been put on disk, and then lost en route from HMRC in Newcastle to Standard Life in Edinburgh — and last month a laptop containing the data of 400 people with high-value ISAs was stolen from the boot of a car belonging to a HMRC official who had been carrying out a routine audit.
Sources
- Elizabeth Stewart "Timeline: Revenue & Customs fiasco". Guardian Unlimited, November 20, 2007
- Tom Espiner "Government loses 25m confidential records". ZDNet, November 20, 2007
- Press Association "Missing: 25m people's personal data". Guardian Unlimited, November 20, 2007
- Ian Thomson "HMRC boss resigns over data loss". Nielsen Company, November 20, 2007
- Sara Yirrell, CRN "Security community slams HMRC". Nielsen Company, November 20, 2007
- "Timeline: Child benefits records loss". BBC News Online, November 20, 2007
- "Tories tell Darling 'get a grip'". BBC News Online, November 20, 2007
- "Key Points Of Darling's Statement". Sky News, November 20, 2007
- "Thousands at risk after data loss". BBC News Online, November 3, 2007
- Lisa Bachelor "Anger over theft of taxman's computer". Guardian Unlimited, October 21, 2007
