Darling admits Revenue loss of 25 million personal records

Alistair Darling told the House of Commons this afternoon that a police investigation has been launched into how Her Majesty's Revenue and Customs has lost child benefit records relating to 25 million people. Records for 25 million people, relating to child benefit payments for 7.25 million families, were sent using the HMRC's …

COMMENTS

This topic is closed for new posts.
  1. Clive Powell
    Pirate

    Passwords and NAO

    You just KNOW that the data was in an Excel spreadsheet which was password protected with a difficult word like NAO or HMRC. And for what reason did the NAO need the data and who authorised them to have it? Only one head has rolled, more are needed both from the NAO and the HMRC.

  2. Anonymous Coward
    Paris Hilton

    Voices green and purple

    "Two computer discs holding the personal details of all families in the UK with a child under 16 have gone missing" says the BBC, which sounds even more alarming.

  3. Dr Wheetos
    Thumb Down

    Re: Symptomatic of a bigger problem

    It's probably happened. Just that we haven't heard about it.

    Now let's see. Ah, yes, Davey Winder's article in this month's PC Pro shows that full identity details exchange hands for $10 - $150 a time but bank account info is even more lucrative. 25 million records makes this a very nice retirement fund for someone, even after applying discounts. You'd have better chances getting a good return with this data than winning the lottery.

  4. Anonymous Coward
    Anonymous Coward

    Re: looking on the bright side

    No, they've got the "what about ID cards" angle covered already ... to paraphrase the minister on PM then "ID card details will be held on a modern secure database which will be totally safe whereas child benefit is an old system that was designed before anyone thought of security and quite frankly it's surprising that it's taken this long for us to lose the data" - ok, so I made the last bit up but they're pushing the "we know how to do it properly now so it's all ok, don't worry" line

  5. John Styles

    Has anyone seen any details yet?

    There are many obvious questions, most of which have been covered above.

    What does 'password protected' mean?

    How was the password passed to the NAO?

    Who authorised the transfer?

    Who has the ability to do this sort of query?

    What format was the data in?

    I think the thing that beggars my belief is that random people have this sort of access to the system.

  6. JeffyPooh

    Hmmm...

    BBC and other news organizations are reporting "two CDs". Is 64 bytes* enough space, even compressed, to store ALL THAT information? If so, just barely.

    * 64 bytes/person = (800M*2)/25M

  7. Anonymous Coward
    Flame

    Bring Me My LART!

    Even working in a not particularly exciting area - the most lucrative thing you'll get out of our system is the size[1] of the advance on "Victoria Beckham[2]"'s last book - we've got more sense than to send important data by carrier pigeon. Someone - and that means We, The People - need to start beating these people over the head with the Clue Stick until they've had enough, then keep on so doing until /we've/ had enough. And then tell them where to stick their ID cards.

    I really am quite worked up about this...

    1 - Well into six figures. No, I don't know why either.

    2 - Yeah, write, er, right

  8. Justin
    Unhappy

    never mind my account details...

    ... it doesn't take much imagination to think of ways of redirecting child-benefit payments - someone only has to write them a letter, and the money's theirs. Same for my tax credits. It's going to take YEARS to sort this catastrophe out. Smells like an insider job to me :-(

  9. Gaz
    Thumb Down

    Disgusting

    This is disgusting. Surely for data this important they'd send it by hand courier - door to door, encrypt the data, hell, why even send a copy, let the NAO work from the HMRC offices?!?!

    I've not found out why, but what did the NAO want with the entire 25m records worth of database? Surely they could do their 'auditing' with a sample?

    If a bank (or any large organisation) was to fail this spectacularly, the Information Commissioner would take them to court, the bank would implode and everyone involved would lose their jobs and future employability - what about the idiots involved in this?

    Everyone knows the Government will introduce ID cards regardless of what the public think - they won't be secure and this fiasco justly proves that.

  10. Anonymous Coward
    Joke

    Junior Official Unmasked

    Sources close to the HMRC have apparently identified the junior official as a "Mr Simon T" and on-going investigations into recent colleague disappearances were nothing to worry about...

  11. Anonymous Coward
    Anonymous Coward

    Nothing (Left) to Hide, Nothing to Fear?

    Up until recently, these details wouldn't have included my bank account, thus mitigating some of the risks.

    However, the last few years saw the unseemly bullying by Benefits & Pensions to stop people receiving cash direct from the Post Office, and having money paid directly into bank accounts. Beneficial (to HMG, not the public) effect of this was that fewer people used the Post Offices, resulting in more of them being seen as uneconomic and ripe for closure.

    Living in the country, where banks are like hens' teeth, the Post Office was a life line for some ready cash, some of which even got spent on the kids. Well that's gone for a ball of chalk, so thank you Gordon, Darling.

    One might be charitable and say that this is the action of the Law of Unforeseen Consequences, except that these consequences were foreseen and indeed vociferously pointed out at the time, but to little avail.

    Eggs, baskets. You know the rest.

    It'll only be a matter of a few years before the information about which we're all so shocked (but are we really?) has gone missing will be routinely sold to Supermarkets with interests in direct marketing to families with young children. No doubt profiling the information and skewing their interest towards those called Tarquin, Jocasta and Tobie, rather than Jaxon, Tiimaaii and Jo'Hanna. For only a few years ago who would have thought that vehicle registered keeper information would routinely be traded with private car park owners for mutual profit?

    You don't know what you've got 'til it's gone.

  12. Simon T
    Happy

    Internal Mail in Government departments

    I worked (as an IT contractor) at a large military headquarters just outside Watford about ten years ago (no place names, just think Yes Prime Minister..... season 1 episode 1...) where internal mail took seven WORKING days to travel the epic journey from one office to another. Mail frequently went missing.

    However classified docs (iirc) were not sent via the internal mail!

  13. Christopher Rogers
    Flame

    a fucking disaster

    Really. There is no way the government could get out of this one - 25 million people. In a country of 60 million, 25 million is a hell of a lot.

    Bollox to Brown's Labour, this better be the end of this government. I bet he wished he called an election now...

    ...and ID cards have got to be toast. Hopefully the public will stand up against the enforcement of this scheme to record all of our personal details.

  14. Anonymous Coward
    Anonymous Coward

    As an IT community we need to know

    What sort of password protection ?

    What data format ? (including schema) ?

    So we can advise our friends and families.

    Nigerian 'Generals' and 'Ministers' have been after this info, albeit less efficiently, for years. This sucks.

  15. Anonymous Coward
    Black Helicopters

    My best guess...

    As an "overpaid" and "over-pensioned" civil servant myself, I can't say that this case comes as any great surprise.

    Anyway, as I'm a "junior official" too, here's my best guess at the "facts":

    First off, all established Civil Servants are bound by the Official Secrets Act 1989.

    By the sound of it, the "junior official" in this case is most likely an Admin Assistant or an Admin Officer earning no more than £18,716 max (London Weighting not applicable in this case). Hardly a fortune (http://www.hmrc.gov.uk/jobs/salaries.htm)

    Same junior official would have been told to send CDs to NAO by his manager - following orders. It happens a lot when you have a grade hierarchy in any organisation but why everyone is whining about this poor sod, I don't know - If NAO needs access to the complete Child Benefit database to undertake an audit then someone at HMRC needs to have access to the complete database - why shouldn't it be a "junior official" with special access, provided to him by his manager and authorised at a higher level? Hardly a "taxing" job (sorry bout the pun) and certainly not one it's necessary to have a high grade to undertake. I strongly suspect this unfortunate bugger was only doing what he/she had been doing for years. It's not him/her that lost the CDs - that is TNT's fault alone.

    All the Civil Service depts I've worked in outsource their courier - and like any other business, this generally goes to the cheapest bid - common practice. In this case TNT. I suspect the Security Service, MOD, GCHQ etc... do not use a private contractor but I could be wrong.

    I have a strong suspicion this information couldn't be sent electronically as it's common for civil service depts to put a 4MB limit on email attachments (they use the GTN so it's a secure VPN (run by Cable & Wireless if you must know)) and they won't have any other means of electronically sending such a large volume of data or they would have used it - my department has no network access to NAO systems, I doubt any department does.

    I'd bet cash money that the database lost was a .mdb file

    Anyway - contrary to what I've said here, I'm not defending the civil service. Officers are sacked every week for computer misuse and data protection breaches. I'm a signed up member of NO2ID because there's no way in Hell I'd trust this government, and the civil service I work for to keep an ID card database secure. If you've got an ounce of sense, you wouldn't trust them either.

    Staying anonymous for fear of helicopters.

  16. BitTwister

    @Dave

    > that should finish off the possibilty of ID cards anytime soon.

    Huh - you, me and a good few million others would like to think so, but with this brain-dead crowd it's more likely to result in another spray of the "honest mistake" BS, along with "it's important we learn from these mistakes" - before being brushed under the carpet with all the other IT-related, monumental screw-ups.

    Much is revealed of the shockingly cavalier attitude to privacy in that these "computer disks" (is saying "CDs" or "DVDs" *so* difficult for the media?) had been missing in transit for three sodding weeks before anyone thought to ask about them.

    Still, it's nice to know that they were password protected - er, so that's Ok then. <sigh>

  17. Anonymous Coward
    Anonymous Coward

    Sampling

    I'm surprised to see comments on an IT-related site asking why the NAO wanted all the records rather than just a sample. Sampling is prone to error, while by using modern auditing tools you can quickly audit the entire set of data.

    Ironically, one reason they may want the entire database would be to check it for errors and fraud.

  18. Anonymous Coward
    Anonymous Coward

    Clownsuits on at HMRC

    Well we finally have it now. Irrefutable, unarguable proof that our Government's IT is in the hands of incompetent, unprofessional, careless fucktards.

    Do all your folks in "the Business" wonder where all those hopeless CVs you throw straight in the bin end up? Correctamundo... they end up being recruited by low quality, low cost outsourcers to fulfil Government contracts for pisspoor (but rich) clients like HMRC.

    Andy Burnham, who is one of those unmemorable drink-of-water MPs that New Labour trot out to deflect bad news from the Cabinet in times of emergency, was on C4 news tonight babbling on and on about improving the process and reviewing safeguards etc etc... like he even has a frigging clue what he's talking about. The fact that some turd at the IR was even able to copy this data onto a DVD at all, without detection (let alone post it via TNT) should be a sacking issue for anyone in the chain of command who was aware of this security hole. It's such a clown-howler it almost beggars belief that it was possible, but we should not be surprised that some idiot exploited it in a moment of pure laziness.

    Equally disgraceful is that the National Audit Office (who the discs were posted to) were completely aware of the data being posted in this way and were ok about it? What special breed of cretins do we have working in Government FFS?

    The good news of course is that whether the Government likes it or not, all those plans for National ID registers and NHS spine databases will probably be impossible to implement for at least 10-15 years as the public finally wake up both to the amount of data held about them, the pathetic security implemented in Government and the second-raters who are employed to manage it.

    The bad news, of course, is that 23 million people will now have to spend the next few years wondering if their personal data will ever be handed over to every fraudster, Nigerian 419 scammer and paedophile ring in the world.

    Well done HMRC... you monkeys...

  19. Anonymous Coward
    Anonymous Coward

    All that needs saying

    is in the last fifteen seconds of this: http://www.youtube.com/watch?v=XI-qFTVQQ3s

  20. Paul
    Unhappy

    Fun theorising

    25 Million records so clearly not an Excel file.

    Let's assume that our junior official used all his SQL savvy to come up with

    "Select * from Child_Ben"

    and dumped it to a csv file .

    Let's further assume that the office hardware is keeping some sort of parity with the office software. So what does a junior official using an NT4 PC with a 4X external CD burner use to "password protect" his (or her) data?

    Ladies and Gentlemen..I give you.....Winzip

  21. Anonymous Coward
    Anonymous Coward

    Anyone seen two discs?

    Surely this uproar means that everyone who is mercenary is now on the hunt for two odd discs lying around somewhere??

    As an aside, since my Amazon deliveries are now taking 2 weeks and keep getting lost thanks to a certain company called TNT, I have written to tell Amazon that my custom will be going elsewhere.

  22. Anonymous Coward
    Anonymous Coward

    we shouldn't be told

    Sean,

    You know, I really don't think it would be a good idea if a government bod decided to prove just what a secure password they picked and what a random set of characters they'd chosen for this disk. Still I wouldn't put it past this lot. Roll on the National ID Database, lol.

    "And even if it is the latter, is the password a nice, secure 64-character random string or the word "p455w0rd"? We should be told."

  23. Anonymous Coward
    Jobs Horns

    Relax, it's OK

    If the data concerns families with children <16, then the kiddies can retrieve the family data via their favourite P2P site or social network.

    Kewl

  24. Sarev
    Pirate

    Who cares about the bloody discs?

    Why are people banging on about recovering the CDs? It takes a couple of minutes to suck all the data off them so just because you've got your precious CDs back doesn't mean I haven't got all your data.

    And just how many of these CDs have been intercepted prior to this and have either not been reported as missing or were put happily back on their way by the thief with no one any the wiser?

    Finally, everyone in the media and government is patronising us with messages about how unlikely it is that our bank accounts will be plundered. Sod that, it's more than enough personal information to run up no end of bad debts - the sort of stuff that takes years to notice and sort out and really shafts your credit rating.

  25. Erlang Lacod
    Go

    SPOOKS

    Tell me this is an episode from Spooks.

    Enraged by jealousy Adam sets off to discover the father of Ros's secret love child. He sets about gaining access in his normal way by going undercover at the HMRC posing as a junior tea stirrer in the department of Strategic High Intensity Training. No sooner has he swiped his way into the secure zone, with his usual expired Blockbuster Video membership card, he spots a visiting van driver in TNT uniform, a man with a long bearded face who looks strangely familiar. Not having any weapon with him (The HMRC now publicly eschew the carrying of scythes by its staff except for those investigating illegal tea bag cartels) Adam picks up the nearest thing to hand being a small case containing two CD-ROMs and pursues the van driver who he thinks he has recognised as no one other than Osama Bin Laden who it later is revealed has given up his former life and is now peacefully pursuing a new career as a contract driver for HMRC and occasional football pundit on Channel 4.

    to be continued...

  26. Ash

    Hey Brown...

    Figured out why we loathe the idea of ALL of our personal information on your databases yet?

  27. Sceptical Bastard

    Aux armes, citoyens!

    BBC's Newsnight led with a report on this story and the programme's science reporter, Susan Watts, specifically asked HMRC whether or not the data on the CDs was encrypted.

    After a bit of wriggling, HMRC confirmed it was NOT encrypted. That in itself beggars belief.

    But the real scandal is that a vast army of poorly-trained low-level civil servants working in a culture of low security have extensive access and permissions - as opposed to read-only access for very specific and limited purposes - to vast and highly-detailed aggregated electronic databases.

    As others have pointed out, this episode (and the many that preceded it) means any responsible citizen should actively avoid giving any government department any more than the barest minimum personal information.

    Yet this Orwellian government still intends to press ahead with its national ID database and attendant ID cards.

    Aux armes, citoyens!

  28. Dave
    Stop

    On the news

    I noticed that on the news last night all the people whose data was on the disks were referred to as 'customers', whatever happened to the word 'citizens'.

    That does it, we are all customers of UK plc with Executive Director Brown at the helm.

    I'm (hopefully) a free man, get me out of here!!!!

  29. Mark

    Maybe a blessing in disguise?

    Not, admittedly, a good disguise, but if it finally puts the kybosh on ID cards and gets the furry browed moron to resign, there may yet be a bright side.

  30. Anonymous Coward
    Anonymous Coward

    Sauce for Goose and Gander

    Our records are free to be (mis)handled by any junior civil servant. But who is responsible for this life changing threat? None other than our Gordy, that's who.

    What about all the detailed emails and exchanges of information of Downing Street, is this protected in a similar way? Oh no sir! It is in the securest of all Whitehall buildings, it is duplicated, vaulted, double encrypted & accessible by secure circuit only.

    Double standards? You might think so. I could not possibly comment.

  31. Mark

    Oh and...

    Said furry browed moron has just admitted on R4 "Today" (after a little prodding) that the discs were password protected but (surprise surprise) NOT encrypted.

  32. Anonymous Coward
    Anonymous Coward

    Dear Darling

    Anyone else just heard Alistair Darling on the news this morning claiming that there's no need to change your bank account because the banks are able to monitor all affected bank accounts. The BBC presenter asked whether the banks could actually monitor all 7.5 million bank accounts and dear Mr Darling says yes they can! Excuse me for not believing you.

  33. Vulpes Vulpes
    Happy

    apologies to the BOFH

    <rrrring> <rrrring> <rrrring> <rrrring> <rrrring>

    <click>

    "Hello, IT support, what's the problem now?"

    "Is that Mr. Simon Tr..."

    "Woah! NO NAMES, this is an unsecured line! Who's calling?"

    "This is Ringotts, the jewellers in the high street, we're just checking up on a few er, unusual orders..."

    "OK then, this is he, now what orders are we talking about?"

    "The ones for 50 each of every item in the expensive watches section....amongst others."

    "Yeah, those are legit, can you give the goods to that pimply chap I sent round with a wheelbarrow please?"

    <some time later>

    "So let me get this straight, you suddenly discovered you had been left umpteen millions by some obscure dead third cousin you'd never heard of before? You jammy git."

    "No need to be bitter." <smirk> "Speaking of which, I tell you what, I'll buy the first round down the pub at lunchtime, soon as you've finished stacking those boxes of Rolexes"

    "Hmmm, how VERY generous. You must have spent the best part of several million just on Amazon this morning. I never realised how many different credit cards you had." <suspicious glare>

    "OK, I'll buy ALL the drinkies, just this once."

    <in the pub, after a couple of pints>

    "When I got in this morning, how long had you been at your desk?"

    "Oh, I was here all night."

    "All night! You never do overtime unless there's some VERY good reason....so do spill the beans."

    "Listen, oh pimply one, when you need to break the password protection on two discs full of extremely useful data, it sometimes takes a little longer than one working day....."

  34. Biton Walstra

    UK keep dreaming

    That shows that this country is really a 3rd world country… In the first place, departments who need to access each other's data should have a secure network connection between them, full stop. Data like this should never ever be on disks ready to send by post… I'm happy that my data is not in the hands of those monkeys.

    And the lies from the government that those disks are being secured by not easy to guess passwords he he he let me laugh. That UK encryption system from World War II was being hacked in seconds…

  35. graeme leggett Silver badge

    Why the discs are important

    "Why are people banging on about recovering the CDs? It takes a couple of minutes to suck all the data off them so just because you've got your precious CDs back doesn't mean I haven't got all your data."

    Because if they find them tucked behind the wheel arch of a TNT truck with a fortnight of dust on top or behind the water-cooler in the postroom, then they probably haven't been copied (by anyone other than a TNT employee or a government official).

  36. Scott
    Alert

    @ How Many Parents?????

    By the way it isn't 7.25 million children, it said 7.25 million families

    Misquoted? So it's something like 2 - 3 children per family or whatnot

  37. Anonymous Coward
    Coat

    I know where the CDs might be!

    Has anyone thought of knocking on the NAO's next door neighbour's door and asking if TNT left a parcel with them? Or maybe behind the bin in the alley that leads to the back garden?

  38. Tim

    Disgraceful

    This shocking and disgraceful event is a flagrant breach of the Data Protection Act and the people and ministers responsible should be prosecuted.

  39. H'arj Imladd
    Thumb Up

    Vote of no confidence in the Government

    It's difficult to find the words as I'm sure we all listened open mouthed as this F***tard explains that name, address, NI number and bank accounts for 25M people have been "lost" but it's OK as that's not sufficient to commit fraud !

    If I, or anyone else here in the real world, did anything anywhere near that incompetent, I'd expect to be fired immediately and effectively become unemployable by any sane employer, as would everyone associated with the offending episode.

    UNBEF*CKINGLIEVABLE!

    I'm now off to the Number 10 website to set up an online petition for a vote of no confidence in this government as they have just presided over the most appalling, incompetent breach of confidence yet.

    Join me ! Bring pitchforks and flaming torches.....

  40. Matthew Hale

    Spot on Adnim...

    ....These jokers really do want a national DNA database (which they have already pretty much got), ID database, and ooooh anything else they can turn into a database. It's all so exciting for them, all this magical information technology. Bless them. You know they only have your best interests at heart. They're protecting you from all the scumbags out there, no really, they are. No really. Don't laugh, they are. It's what every politician spends his every evening fretting over.

  41. Anonymous Coward
    Flame

    My worry...

    is not that the details are out there - nothing can prevent them being lost now, we just have to fix it. I'm more concerned that this will be used as a measure FOR ID cards. The general populace will not know about the majority of the fears of El Reg and her readership, they will be relying on mainstream fsckwit media talking heads to tell them (ie parrot the gov) that encryption and biometrics built into ID cards will mean that this CANNOT happen again. These people then believe the propaganda and vote FOR the cards without realising how much worse they are making things.

  42. Anonymous Coward
    Unhappy

    Even if they are found ...

    If a low-paid van driver at TNT does now find these discs tucked behind the wheel arch, I can promise you they're probably not going to give them to their manager, when there's that nice Russian gentleman down the pub offering a suitcase full of cash for them.

    Anyway it doesn't matter about the CDs. The real horror story here is how on earth a junior official was able to access the entire database without being quadruple checked by various levels of management first.

  43. Joe Stalin
    Happy

    Old chestnut

    To err is human, but to really screw things takes a computer.

  44. Anonymous Coward
    Thumb Down

    @Civil Servant

    At the post justifying why a lower grade worker could access all the data. The bottom line is that the ONLY people who should be able to access the base tables in such a critical database are the DBAs. Even then, they should set up accounts where they can't access the data and use those.

    When receiving a request for a dump of all the data, the standard response from the DBA should end with 'off' and start with 'f**k'. I can't think of any legitimate access to all the data at once.
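    One way to enforce the separation this comment argues for, as an added example in PostgreSQL syntax (not from the page, HMRC or NAO; the table, column and role names are assumed): the base table is owned by a maintenance role nobody logs in as, the DBA's own login cannot read rows without an explicit and logged SET ROLE, and an auditor gets a view that withholds bank details rather than the table itself.

```sql
-- Added illustration of least-privilege access to a benefits table.
-- All object, column and role names are assumed for the example.

CREATE ROLE dba_owner NOLOGIN;               -- owns the data; used only for DDL and maintenance
CREATE ROLE dba_login LOGIN NOINHERIT;       -- day-to-day DBA login: no data access by itself
CREATE ROLE audit_reader NOLOGIN;            -- group that auditor accounts inherit from

CREATE TABLE child_benefit (
    claim_id    bigint PRIMARY KEY,
    ni_number   text NOT NULL,
    full_name   text NOT NULL,
    address     text NOT NULL,
    dob         date NOT NULL,
    sort_code   text NOT NULL,
    account_no  text NOT NULL,
    weekly_amt  numeric(8,2) NOT NULL
);
ALTER TABLE child_benefit OWNER TO dba_owner;

-- Nobody is granted the base table, not even the DBA's login.
REVOKE ALL ON child_benefit FROM PUBLIC;

-- NOINHERIT means dba_login does not pick up dba_owner's rights automatically;
-- it must run "SET ROLE dba_owner" for maintenance, which shows up in the logs.
GRANT dba_owner TO dba_login;
ALTER ROLE dba_login SET log_statement = 'all';

-- Auditors work from a view, never the table: bank details are withheld and the
-- NI number is reduced to a prefix, which is still enough to count claims, check
-- amounts and look for duplicates. The view runs with its owner's privileges,
-- so audit_reader can read it without any grant on child_benefit.
CREATE VIEW child_benefit_audit AS
SELECT claim_id,
       left(ni_number, 2) || '******' AS ni_prefix,
       dob,
       weekly_amt
FROM child_benefit;
ALTER VIEW child_benefit_audit OWNER TO dba_owner;
GRANT SELECT ON child_benefit_audit TO audit_reader;

-- One auditor account: read-only through the group, expiring, and fully logged.
CREATE ROLE nao_auditor LOGIN IN ROLE audit_reader VALID UNTIL '2007-12-31';
ALTER ROLE nao_auditor SET log_statement = 'all';
```

    With this in place a "Select * from Child_Ben" style dump by a junior account fails at the permission check, and a DBA pulling the full table has to leave a SET ROLE entry in the server log first.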

  45. Anonymous Coward
    Happy

    @graeme leggett

    ""Why are people banging on about recovering the CDs? It takes a couple of minutes to suck all the data off them so just because you've got your precious CDs back doesn't mean I haven't got all your data."

    Because if they find them tucked behind the wheel arch of a TNT truck with a fortnight of dust on top or behind the water-cooler in the postroom, then they probably haven't been copied (by anyone other than a TNT employee or a government official)."

    Actually that is exactly how I would go about covering my tracks if I came into contact with the CDs. Then wait a few months before using the data. With a bit of luck the news will cover the fact that the CDs were "safely" recovered and people will become complacent again.

  46. Dale Harrison
    Happy

    I'm surprised that no-one....

    .... has quoted Blackadder's General Melchett :-

    "What the hell are you playing at Darling !"

  47. David Adams
    Black Helicopters

    Why are we surprised?

    After the amount of trouble this Government gets into with any IT system why should it surprise us?

    As the guy on Newsnight said last night, it was only a matter of time before it happened.

    I wouldn't trust them with a bloody Speak 'n' Spell!!!

    P.S. Where's the PH angle?

  48. Smallbrainfield
    Alert

    Phew!

    Well, at least if it's TNT that have lost them, you can rest assured that they'll be smashed into thousands of pieces as well.

    Thank the maker for ham-fisted carriers!

  49. JBR
    IT Angle

    @Why the discs are important

    ...and a villain will obviously leave a post-it note on em saying they've been copied;)

    Seriously, it's in the criminal's and the government's interest to make it look as though the data had never been copied- everything is hunky dory and no need to change bank account details...

    And @JeffyPooh - I did a quick test cos I was bored this morning

    Fired up Excel and put in a row with name, address, NI number, DOB, telephone no, bank details

    Duplicated it 250 times then saved and compressed. Came to 8959 bytes

    x100,000 to get 25 million records = about 900MB

    So 2xCDs seems about right unless I've got the maths totally wrong

  50. Sceptical Bastard

    Hard-to-guess passwords?

    EH?

    It's not like any 14-year-old, let alone Russian or Romanian crook, can't download one of half-a-hundred simple crackers onto a USB pen and (assuming they've got a P4 and 1GB RAM) crack the password in under two minutes!

    Do these political media droids really believe the shit their officials tell them or do they just think we're such complete morons that we'll believe any fantasy they care to spin?
