Tuesday, 20 November 2007

Thousands of local families affected by catastrophic data breach

The news of the appalling breach of data protection at HMRC which has led to 25m people being exposed to potential identity fraud will have a massive impact on families across Chatham & Aylesford. The Chancellor was forced to admit that his Revenue & Customs Agency have lost in the post disks containing details of 25m child benefit claimants raising huge questions about the safety and security of personal information. The latest statistics show that in Medway nearly 34,000 families claim benefit for nearly 61,000 children, and in Tonbridge & Malling there are 15,000 families claiming benefit for over 26,000 children. That means tonight nearly 50,000 families across the region will be worryingly checking their bank accounts to make sure they have not been subject to fraud.

The Chairman of HMRC has rightly resigned but despite the Chancellor learning about this – the largest breach of data protection ever – 10 days ago, the public have only now been alerted to the problem and by all accounts as a result of the media finding out, rather than the Chancellor coming forward first.

This is a catastrophic failure but highlights why a database for ID cards, which will store an immense amount of information on each and everyone of us, cannot be trusted in the hands of Government.

1 comment:

Cllr John Ward said…

They send data by post??? Don’t they know how to (strongly!) encrypt data? This really is unforgiveable, and extremely concerning!

When I was the entire IT Support Team for the DTI’s South-East and London Regional Office (before it was merged with other regionsl offices to form the Government Offices such as GOSE) I and all the others around the Ministry involved with IT matters were very VERY careful with data, its protection, backing-up and the rest of it.

Even now, working mainly from home, I operate an extensive backup regime, including at two off-site locations — but I encrypt all my backups (apart from one on-site “mirror” of my main data files etc.) and I hand-deliver (and collect) my offsite backup drives (lightweight pocket-size USB 80 GB devices).

It is interesting to realise that I, operating alone, have a far more secure data handling and protection system than the Revenue and Customs Department of today’s Government…

You are entirely correct about the implication of this for the proposed ID Cards database.

The one good thing to come out of what has happened at HMRC is that it will alert even more of our citizens to the very real perils inherent in the Government’s plans.

Hopefully this will generate so much lobbying of MPs that the plan for at least the database part of that scheme will have to be scrapped.