The Mother Of All Cock-ups

[Amadeus]

Missing: 25m people's personal data

 

Computer discs holding sensitive personal data on 25 million people and 7.25 million families have gone missing, Chancellor Alistair Darling has admitted to MPs.

 

He said the details included names, addresses, dates of birth, Child Benefit numbers, National Insurance numbers and bank or building society account details.

 

Paul Gray, chairman of her Majesty's Revenue and Customs (HMRC), which lost the discs containing the Government's entire Child Benefit database, has resigned over the affair.

 

Erm..ok, and this is the lot that tells everyone "Don't worry about us and all our data bases - it's all safe..."

[bluemonday]

A secure database

Ha,

ha

ha

ha

ha

ha

What a total and utter f*ck up.

[ai_Droid]

A secure database

 

Definately a fuck up, but really not as alarming as you might think. What was nicked:

 

-National insurance number

-Name, address and birth date

-Partner's details

-Names, sex and age of children

-Bank/savings account details

 

Is pretty much all public information anyway. There's nothing secure about your bank account number, and the other details will result in a lot more junk mail in the wrong hands rather than anything else.

 

Edit: Zomygod:

[germann]

Would any Manx residents' details be on the discs?

[Tweek]

A secure database

 

Definately a fuck up, but really not as alarming as you might think. What was nicked:

 

-National insurance number

-Name, address and birth date

-Partner's details

-Names, sex and age of children

-Bank/savings account details

I think this is very alarming, and that you are grossly underestimating the dangers here.

 

A criminal could now produce forged utility bills, get work for illegal imigrants using NI data associated with addresses, cross check the data to identify former spouses now residing at their own parents identifying numerous maiden names, find out the addresses of anyone from a celebrity to former spouses (perhaps even putting lives at risk by identifying where some people live). People with this list could use it to apply for credit cards, access existing bank accounts, divert child benefit payments working tax credits payments, and use it to make fraudulent claims for other benefits. Once you have access to peoples lives, the list of what you can do after that just grows and grows.

 

Criminals are also capable of joining this data and other data together, and you can bet the word is out in the underworld to get hold of this list as it will be worth perhaps billions. Plus if criminals get hold of the data, do you really think there will only be one copy of it kept?

[3v0]

Have these people never heard of the hard drive hammer?!

 

I'm also quite fond of the CD destroying boot on tarmac approach!

 

Do they actually know the data has fallen into "the wrong hands" or has it just gone missing? Chances are it's in a tip somewhere never to be seen again.

[3v0]

A secure database

 

Definately a fuck up, but really not as alarming as you might think. What was nicked:

 

-National insurance number

-Name, address and birth date

-Partner's details

-Names, sex and age of children

-Bank/savings account details

 

Is pretty much all public information anyway. There's nothing secure about your bank account number, and the other details will result in a lot more junk mail in the wrong hands rather than anything else.

 

Edit: Zomygod:

 

Ha ha! What the hell is "Bubba the love sponge" !!

[bluemonday]

Last I heard it had gone missing in the courier/post system so they don't actually a clue where it is.

Amazing that they didn't consider that a more secure method of transporting any such discs might be a good idea.

Still given the amount of laptops the MOD etc lose it's par for the course I suppose.

[Tugger]

don't loads of people have their kids birthdays as PINs for those bank accounts whose details have been disclosed?

[Mr. Sausages]

It's probably sat on someone's desk under a file or something.

[Pragmatopian]

Whenever transmitting data by post we always use trackable courier services and encrypt the contents. Our clients would go nuts if we let personally or commercially sensitive data out into the open in a format that anybody could read.

[Albert Tatlock]

It's probably sat on someone's desk under a file or something.

£5 says they've just spent 10 days stripping the building. This will be well gone - otherwise the sh1t wouldn't have hit the fan. Classic reason for leaving on someones CV though - 'caused greatest calamity of all time, nearly bringing down government.'

[Mr. Sausages]

Yeah, but if that happened in my office I'd quickly grab all the work on my desk that's been sitting there for 6 months (together with that envelope full of disc shaped stuff that I'm sure isn't for me anyway) and hide it in on the ceiling tiles in case someone found it and I got the sack.

[The Old Git]

Even if they get the discs back there's probably no way on knowing if they've been duplicated or not.

 

Also, it's worrying that a "junior official" can simply dump the whole database of 25,000,000 records on to disc in the first place.

[TurricanII]

Hmmmm is that classed as one or 7.25 million breaches of the Data Protection Act, i.e. the failure to reasonably protect the data and prevent it from being accessed?