« Previous | Main | Next »

The Revenue and Customs Scandal.

Eddie Mair | 16:19 UK time, Tuesday, 20 November 2007

Read the Chancellor's statement here. Let us know what you think of the story...or tell us how it affects you, by clicking on the Comments link.

There is some advice on what to do, here.


  1. At 04:42 PM on 20 Nov 2007, B M, London wrote:

    Mr Badger - you must go. You've lost our trust - and caused much woe.

  2. At 04:44 PM on 20 Nov 2007, Laura wrote:

    By the way, incase HMRC have missed out telling anyone my personal details, here they are...I bank at £$%^&,

    My account number is - !"£$%^&*())(*&^%$£", my national insurance number is *&^?@:>?£"£$££%&*&().

    SEE, even Eddie's blog has hidden my details better!!

    Thanks Eddie.

  3. At 04:52 PM on 20 Nov 2007, Big Sister wrote:

    Having read this statement, and in the spirit of true fairness, I would say that the Chancellor has acted in an appropriate and timely manner. Given that he cannot be held personally responsible for what HMRC have done (and there are a lot of questions to be answered in that quarter), I cannot see that he can be criticised from any quarter for this particular scandal.

    I hope that the recipients of child benefits will feel reassured: however, I suspect Her Majesty's Opposition and certain elements of the media will have a field day without concern for the poor people who will sleep less easy tonight.

  4. At 04:52 PM on 20 Nov 2007, Tom Harrop wrote:

    There's a bloke on Ebay selling two big discs.

  5. At 04:53 PM on 20 Nov 2007, David Lewis wrote:

    The Government has lost our private details, with all the security risks. Is this the same Government that assures us that a Database of all our health records is safe, or an Identity Card database is a good idea.

    Not on your life would I give them any more chance to screw up.

  6. At 04:56 PM on 20 Nov 2007, Van Man wrote:

    pssst. Want to buy some data?

  7. At 05:02 PM on 20 Nov 2007, Stewart M wrote:

    The only saving grace, according to the statement, is the data in encrypted. That is not much of a saving grace cos we all konw there are different levels of encryption.

    We now all know the data is out there, but hopefully on a craked CD in land fill!

  8. At 05:03 PM on 20 Nov 2007, Chris Ghoti wrote:

    I now have to go to my bank and establish that they must not give all the money in my account to someone else. This because the people in charge refused to issue me with a booklet for family allowance as they always used to, and made me have the money sent directly to my bank by credit transfer.

    First they insist on having information about me, then they don't have the decency to look after it.

    Was someone talking about the ID card scheme just now?

  9. At 05:08 PM on 20 Nov 2007, salieri wrote:

    Did you know that HM Revenue & Customs has a larger workforce than the Royal Navy and RAF combined? And the DWP has more people 'working' for it than the British Army.
    Go figure...

  10. At 05:10 PM on 20 Nov 2007, Ed Iglehart wrote:

    Beat me to it, David and Chris!

    That should bury the ID card scheme, so, "It's an ill wind," as they say...

    Namaste -ed

    Very few profundities can be expressed in less than 80 characters.

  11. At 05:11 PM on 20 Nov 2007, Andrew James wrote:

    Astonishing. And this government wishes us to hand over our biometric data to them as well. Not a chance. Get them out!

  12. At 05:11 PM on 20 Nov 2007, Ned Gayner wrote:

    As almost every computer expert has been stating from the start: the ID card database WILL be compromised.

    Is there any chance we can still stop the ID card folly from going ahead?

    Ned Gayner

  13. At 05:14 PM on 20 Nov 2007, William Kelly wrote:

    Some clarity please - does this ONLY apply to families claiming benefit or are we all at risk!


  14. At 05:16 PM on 20 Nov 2007, Chris Hopkins wrote:

    Please go easy on the panic-stricken scaremongering. No-one can take money from an account using the details HMRC have lost, and every bank warns its customers against self-inflicted security risks like using your kid's name as your password.

    I can't wait to see the tabloids tomorrow. They'll probably cause a run on the banks.

  15. At 05:17 PM on 20 Nov 2007, william beeby wrote:

    If I am not involved in child benefit ,which I am not, do I not have to worry then?

    I am wondering at what level in the civil service these data discs are dealt with. Is it senior management only or is it in fact passed down the line to junior staff? To send this type of information in the post, un-recorded!!!, is scandalous in fact, why not use a courier employed by the government or a security firm like group4 who do a lot of work for the government?

    We have a new chancellor so I think he does deserve another chance but one more slip up like this and he and his colleagues in the treasury should be sacked , not resign.It is incompetence of the highest order and peoples security is now at risk like never before.

  16. At 05:18 PM on 20 Nov 2007, Andy Howarth wrote:

    Its great that the government have been open about it BUT doesn't this just confirm that the ID card can NEVER be made secure.

  17. At 05:19 PM on 20 Nov 2007, CJM wrote:

    This is absolutely appalling!
    We are constantly told to be careful of our personal identity only for the government to potentially hand it over to whoever!
    Government personnel need to take responsibility for our data and follow security procedures.

  18. At 05:19 PM on 20 Nov 2007, J. Richards wrote:

    So we're all ok because the information has been encrypted.

    And where's the password? Probably on a bit of paper in the same envelope as the disks, or even written on the label.

    So we can be assured that there is no evidence that the information that has been "lost" has been used for identity theft.

    Although there may be no evidence that it has been used unlawfully, but there is also no evidence that it hasn't either!

    It's not even as if we have any choice whether to make this information available to HMRC or many other government organisations. I will certainly be objecting VERY STRONGLY to any suggestion that an ID card and supporting database is a good idea.

  19. At 05:19 PM on 20 Nov 2007, Ruth Sharratt wrote:

    So all the information that is proposed to be put on ID cards and the computer system behind it is quite safe.

  20. At 05:22 PM on 20 Nov 2007, Stella wrote:

    When will the government start to take its data protection responsibilities seriously? The loss of so much information regarding the nation's children is a scandal. Can we really trust assurances of security regarding the National Identity Database after this?

  21. At 05:22 PM on 20 Nov 2007, whisht wrote:

    just want to add my 'yay' to the echo this has for concerns over the ID scheme.

    ah - Eddie's just mentioned it!

    wow - this woman's answer is staggeringly stupid!! It wasn't the age of the database(!) it was a HUMAN ERROR (sytemic or not) of someone handing a CD over to colleagues.

    stupid stupid stupid woman. Eddie you must've been out of time to let her get away with it.

  22. At 05:23 PM on 20 Nov 2007, patricia storr wrote:

    Please note this information has NOT been lost in the post, it has been lost by TNT.

  23. At 05:23 PM on 20 Nov 2007, Dave Bannister wrote:

    It is surely only a matter of time before some half-witt within the home office claims that the answer to the Revenue & Customs leak is a National ID card - more personal data for someone to get hold of!

  24. At 05:24 PM on 20 Nov 2007, Jon wrote:

    Exactly right, Chris Ghoti. If our ID card details (biometrics etc) are lost, our identities will be compromised for our whole lives...

  25. At 05:25 PM on 20 Nov 2007, Fromtheislands wrote:

    ID data base secure!
    Health records secure!
    Child benefits secure!
    etc, etc...

    Of course that is what this infallible government have told us but now we know.

    ID card scheme must now be first to be scrapped - after this farce how can the cards protect us when they cannot guarantee the security of data that is to be included on the cards.

  26. At 05:25 PM on 20 Nov 2007, cyprover wrote:

    The prospect of personal information getting "lost" is quite frightening.
    My bank managed to "loose" a substantial sum of my hard earned cash for 22 days before the mistake was discovered. That caused me considerable difficulty, as you may imagine.
    Too great a reliance on digital/computer information is no substitute for a beauracrat/official actually knowing the human being in question. Remember when your bank manager/school teacher/police constable/minister of religion lived in your street?
    Citizens of the UK should look on the proposed Identity Card scheme with considerable scepticism. The regret of government ministers for errors in the storage and processing of personal information is not enough.

  27. At 05:25 PM on 20 Nov 2007, David Smith wrote:

    What does the National Audit Office need this information for? Especially twice in the same year. If they need to see such confidential information at all they should follow normal audit practice - see it on site. Or were they "testing" HM Customs and Excise. Somebody in the National Audit office needs their nuckles rapped.

  28. At 05:26 PM on 20 Nov 2007, Frances O wrote:

    Me, too, Ed - David and Chris say it for me and, I suspect, many others.

    ID cards? Security? Oxymoron.

    Oh. That was malicious. Er - oxymoron is not a term of abuse, you silly people.

  29. At 05:26 PM on 20 Nov 2007, Jon Schurmann wrote:


    If they can lose this sort of information what can we say about the security when it comes to the ID card scheme.
    I am Unemployed and with the prices of food going up so fast I can hardly afford to pay out for an ID card.

  30. At 05:26 PM on 20 Nov 2007, Mark wrote:

    Out of curiosity is it possible to change your NI number ?

  31. At 05:27 PM on 20 Nov 2007, gary hayes wrote:

    can anyone help - my partner stopped recieving child benefit 12 months ago.

    could her details still be on the discs?

    guess i won't get an official answer to that one. could try HMRC i suppose......

  32. At 05:27 PM on 20 Nov 2007, Micahel Pickering wrote:

    Of what precisely are the National Audit Office thinking when they ask to see all 25 million records. Have they not heard of some form of risk assessment; checking a percentage/selection of the records? There is no way they can expect to satisfactorily review the whole information?
    Why are NAO undertaking this audit remotely?
    Why is there not a NAO presence on the relevant HMRC site doing the work?

  33. At 05:27 PM on 20 Nov 2007, Richard wrote:

    Why is it necessary to physically transfer this data through the post?

    Do the National Audit Office not have direct access to HMRCs computer servers via the secure government network?

    For heaven's sake, I've been able to fill in my tax form on line over this network for several years.

    I thought this was a joined up computer literate government, or that's what Blair was fond of telling us.

  34. At 05:28 PM on 20 Nov 2007, David Tomlinson wrote:

    Does this affect people who don't use on-line banking?

    Bring back the Child Benefit Book!!!

  35. At 05:28 PM on 20 Nov 2007, John Wilson wrote:

    This is indicative of the complete lack of professional IT security process within the government. The key factor here is that a "junior employee" was able to download the whole dataset without authorisation or triggering an alert. I'm not a great admirer of the level of security in the IT departments of high street banks but it's inconceivable that their internal process would let a low level employee get millions of customer records onto a CD.

    The fact that they lost some CDs is virtually irrelevant. If it's that easy to get the data onto junior employees PCs than what's to say that the data doesn't go out of the door every day on some rogue employee's USB memory stick?

  36. At 05:28 PM on 20 Nov 2007, M.D. Abrams wrote:

    Glad to see there were a few Brits commenting on yet one more UK government IT screw-up signaling the end of the ID card idea. If anyone in the UK still believes this current bunch of complacent, incompetent fools on ID cards, they're just as dumb as the Americans they like to poke fun at.

    Best fun: watch 'em squirm out of this one!

  37. At 05:28 PM on 20 Nov 2007, admin annie wrote:

    exactly Chris! the most annoying aspect of the whole affiar is that given the choice I would have preferred to carry on collecting my child benefit in cash, I was not given the choice but forced to have the money paid in to a bank account and as you say they do that and then can't look after it properly.

  38. At 05:29 PM on 20 Nov 2007, David Gray wrote:

    The implications of this disaster - and others like it - for the Identity card scheme really need to be highlighted. Many people haven't clocked yet that one of the biggest problems with the ID card scheme is establishing people's identity BEFORE you give them a card. That was a problem before today. It's a damn site bigger one now that - thanks to HMRC - so many "fake yourself an idenity" kits are out there.

  39. At 05:29 PM on 20 Nov 2007, Nigel Robinson wrote:

    As many people seem to use dates of birth, etc. for passwords, surely the risk of identity fraud must also extend to other online accounts such as eBay, Paypal, insurance and internet shopping.

  40. At 05:29 PM on 20 Nov 2007, Jack Hewson wrote:

    Is the Chancellor now between a rock and a hard disk

  41. At 05:30 PM on 20 Nov 2007, Pete Midgley wrote:

    Why has nobody asked why the National Audit Office requested the data in the first place; either they were right or not. If not then whose head rolls there?
    If so, what would the 'normal' practice be for HMRC to pass that amount and nature of information to the NAO?

  42. At 05:30 PM on 20 Nov 2007, william docherty wrote:

    I am a tax judge General Commissioner and former District Inspector of Taxes.

    The line Directors and senior officers should also resign for a failure to instil the need for security within the department.

    Government should instigate a fundemental review of security accross the department and commit to applying the recomendations.

  43. At 05:31 PM on 20 Nov 2007, Len wrote:

    What a load of rot was talked by Ms Kennedy regarding the question from Eddie on ID Cards.

    You can have the best, most up-to-date, most secure computer system in the world, but if some idiot in Government makes a copy and sends it in unregistered mail to who-knows-who, then there is absolutely NO security whatsoever.

    I wouldn't trust this Government with the time of day, let alone sensitive personal information.

  44. At 05:31 PM on 20 Nov 2007, Ned Gayner wrote:

    There is no "modern computer system" that can stop some idiot from dumping the data to a removable medium and sticking it in the post!

    And, by the way, just how old is the child benefit system?

    Ned Gayner

  45. At 05:32 PM on 20 Nov 2007, Ben Daglish wrote:

    Your interviewee just blamed "older computer systems, without the protections we can expect from more modern blah blah blah". Rubbish. No computer system is safe from somebody sitting at the terminal (with presumably access to a DVD writer). That was irrelevant though - the disks were "lost in the post!". Obviously, the government should look in whatever warehouse all the cheques end up in...

  46. At 05:33 PM on 20 Nov 2007, Mark wrote:

    I CANT BELIEVE the Jane Kennedy statement just now on PM that the ID card system will be secure because it will be new and the benefits system is old.

    It shows total ignorance!

    The ID system will age and become insecure over time - just as the benefits system clearly has shown us that the exisiting systems and procedures clearly arent followed or updated.

    I wouldnt trust this lot with any data.

  47. At 05:33 PM on 20 Nov 2007, Brian Rogers wrote:

    The fault is that of the sender through an insecure medium. Blaming that medium is a non excuse!

  48. At 05:33 PM on 20 Nov 2007, Alison Day wrote:

    The Government spokeswoman just now on PM, when asked why people should allow their details to be placed on a computer system for ID cards, said that that would be a modern system with up-to-date security. What ministers regularly ignore is the fact that the weakest link in any computerised system is the human element. There will be hundreds of people legally entitled to access the ID database - hundreds of opportunities for security to break down.

  49. At 05:33 PM on 20 Nov 2007, Peter Bolt wrote:

    In the days of the Roman Empire,Horace a poet and commentator noted that "For every folly of their princes the Greeks feel the lash"
    Whatever would he have said about present day UK ?

  50. At 05:34 PM on 20 Nov 2007, Nigel Robinson wrote:

    As many people seem to use dates of birth, etc. for passwords, surely the risk of identity fraud must also extend to other online accounts such as eBay, Paypal, insurance and internet shopping.

  51. At 05:34 PM on 20 Nov 2007, Nigel N wrote:

    So, they will try to do better when it comes to protecting our ID data.

    How about first proving that they can do better at protecting the data that they already have? Sorry, but as said above, HM Government have just shown themselves unable to take care of sensitive data.

  52. At 05:34 PM on 20 Nov 2007, ann wrote:

    Oh my God!! what next? do I trust anything this government or any organisation that is connected with it in any way ..............No, I think not.

  53. At 05:35 PM on 20 Nov 2007, Nigel wrote:

    Everyone, HMRC, Darling and even PM are missing the bigger picture. OK our bank details may (or may not) be protected by passwords but with name/dob/address/NI No./Bank Acc details my IDENTITY is at risk and in the wrong hands loans, purchases etc could be set up by someone else with my name. THATS THE REAL THREAT AND I FOR ONE AM SERIOUSLY WORRIED!

  54. At 05:36 PM on 20 Nov 2007, Frank Richardson wrote:

    Ms. Kennedy makes out that this data fiasco is the result of out-dated computer security systems, but isn't allowing the data relating to all the country's children to be placed on just two CDs in just one package a glaring human and manual failure? Shouldn't such concentration of data be made physically impossible?

  55. At 05:36 PM on 20 Nov 2007, J Bowden wrote:

    Any fraudster is welcome to steal my overdraft.

  56. At 05:36 PM on 20 Nov 2007, Valerie Bayliss wrote:

    I wish Ministers woud feel able to express their anger at what has happened. They are bound to be hopping mad, like the rest of us; why can't they say so? They will be hopping mad as citizens, too. I don't think the Chnacellor can be held responsible because some junior person has been stupid, but I would like to see some answers about why their managers didn't handle things properly. A pity George Osborne can't get his head beyond politicking. This is too imnportant for juvenuile point-scoring.

  57. At 05:37 PM on 20 Nov 2007, kk wrote:

    The loss of this data is scandalous! Legal action against the Government Department in question should be actively considered in the event of any individual suffering identify theft and/or financial or other loss. Perhaps lawyers could pursue a class action on behalf of all of those who become affected by this gross negligence?

  58. At 05:38 PM on 20 Nov 2007, Matt Boot wrote:

    A gross error no doubt, But do the BBC have an agenda to bring down the whole banking system by pressing the public to all change their bank account number, when its not clear yet it any of this information is in the wrong hands. Smacks of the Northern Rock hype all over again.

  59. At 05:39 PM on 20 Nov 2007, Steve Baker wrote:

    How much longer have we got to listen to this Governemnt passing the buck on for every failing, to someone else - during today's interview, Jane Kennedy may seek to reassure us that the 'banks will do this' and the 'banks will do that' - but it's government departments that have agian been left wanting when it comes to transport of secure information, having now had two such failures. Why should anyone trust the government to know better when it comes to security of future identity card data ??

    Steve Baker

  60. At 05:40 PM on 20 Nov 2007, Big Sister wrote:

    I agree with John Wilson and Michael Pickering above - these are the most relevant questions.

    Having worked alongside the Civil Service in a number of departments in years gone by, I am not surprised at the laxity which this episode (and the September one) illustrate. Unfortunately, it's a cultural problem and not particularly responsive to Edicts From On High. Politicians of all persuasions have been hit by the consequences of Civil Service laxness over the years and I don't quite know how it can be overhauled quickly. Speed and the Civil Service just don't go together......

  61. At 05:40 PM on 20 Nov 2007, Dominic Pinto wrote:

    Darling's statement does highlight some key points about what must by any measure be the most egregious example not of 'loss' (which is permanent) but of a fundamental (but not unusual, insiders are typically responsible whether by error or intentionally) breach of data security.

    Despite strict standing instructions, basic common sense, procedures, safeguards, the basic principles of data security let alone data protection, junior employees (what that means isn't clear - tax inspectors?) sent disks through postal systems 3 times.

    Whether or not any of this data is misused it is compromised completely, since it appears to have been little protected, and has the potential for surfacing at any time.

    On ID cards he said the key thing was that information was protected by biometric information, while at the moment information was "much more vulnerable" than it should be.

    That begs the question of the numbers of people who will have access to the national ID database, and the other information they may be linked to (health, immigration, benefits, etc), which will be of several orders of magnitude greater than now. It will effectively be even easier to access by employees and others with access. Information on these databases might be protected by other information (i.e. biometrics) up to a point - but data en masse that can be copied is not.

  62. At 05:41 PM on 20 Nov 2007, nick wrote:

    Ask to have your child benefit to be paid over the post office counter(if you can find one near you that's still open) as it was in the old days. Then at least you haven't given them your bank details and you've helped your local post office remain in business

  63. At 05:42 PM on 20 Nov 2007, Steve Baker wrote:

    How much longer have we got to listen to this Governemnt passing the buck on for every failing, to someone else - during today's interview, Jane Kennedy may seek to reassure us that the 'banks will do this' and the 'banks will do that' - but it's government departments that have agian been left wanting when it comes to transport of secure information, having now had two such failures. Why should anyone trust the government to know better when it comes to security of future identity card data ??

    Steve Baker

  64. At 05:42 PM on 20 Nov 2007, Duncan Woolard MBE wrote:

    Why don't you ask Alan Leighton or Crozier why the discs got lost in their post?

  65. At 05:43 PM on 20 Nov 2007, Jill wrote:

    Working in the public sector myself and familiar with the incompetence of a large number of civil servants, this shocks even me. Of more concern than my bank details being lost is the fact that my full name, address, date of birth and NI number - all my distingushing data - are now "lost in the post". I may get any money back that someone manages to take from my account, how can the government assure me that this information will not be mis-used?

  66. At 05:44 PM on 20 Nov 2007, Duncan Woolard MBE wrote:

    Why don't you ask Alans Leighton or Crozier why the HMRC discs got lost in their post??

  67. At 05:44 PM on 20 Nov 2007, Nigel Reese wrote:

    I find it hard to believe that 3 years ago I was in favour of ID cards, how misguided I was. The latest shameful fiasco in the Child Benefit details is proof to every sentinent being in this country that governement should not be trusted. I would rather put pointed sticks in my eyes than provide this shower with any more of my personal details. Wake up Britain and throw the ID card legislation out.

  68. At 05:46 PM on 20 Nov 2007, Bob Munton wrote:

    Let there be no more talk of Id cards from this wretched bunch of amateurs running our country with their protected pensions. A professional Civil Servant (one who has never had to compete with external candidates for his £170,000pa salary?) resigns but really, go now Darling, just go now...

  69. At 05:46 PM on 20 Nov 2007, Peter Hewlett wrote:

    Re. government announcement of loss of personal data today

    Why does the government take the advice of the banks re. what individuals should do about their potentially threatened accounts.
    The banks are only acting in their own interests.
    They do not want the problems of so many customers changing details. - the banks have nothing to lose ultimately if there is widespread fraud - they will simply demand compensation from the government , which means the tax payer

    The government are beig at best niave and at worst negligent with tax payers potential losses.

  70. At 05:48 PM on 20 Nov 2007, Tom Moore wrote:

    I am more concerned that the details contained on the disc will allow bogus health check scams to be carried out on vulnerable children.

    The money is annoying but the safety of my child is far more important.

  71. At 05:49 PM on 20 Nov 2007, colin parkes wrote:

    Oh, for Heaven's sake! Did Alastair Darling put any CDs in an envelope? How can he be blamed for the behaviour of some dippy clerk? Stuff happens. He's come clean pretty quick by the standards of these things, and seems to be whizzing around in the manner apparently required of poor government ministers these days, to sort out the mess -- if indeed there is a mess, and not an envelope down the back of a filing cabinet somewhere..

  72. At 05:50 PM on 20 Nov 2007, k johson wrote:

    how old is this computor system, isnt it the one that failed to get going under the old csa that spent millons getting it to not work in 2004 (3 years ago) before handing it all over to the current Revenue and Customs . either way the whole sytem was either ported to there sytem or fixed in 2004 which is not old,
    either way it shows the fact that nobody should have all both halfs of the data available to them.

    just like the old spy novels (with the torn bank note, or half a locket )the best way to store data is to keep the accounts details seperate from the name needing a key to put the two together.

    I thnk everyone should ask for a new account number from their banks as this would be the first way to regain some sercurity, changing your childrens names by deed pole might be a bit extreme

    So in addition to selling our dvla data for £2.00 this government is now giving it away for free

    bring on the id cards i cant wait to get framed for a few murders using a copy of my biometrics.

  73. At 05:52 PM on 20 Nov 2007, Jonathan wrote:

    From everything I've heard, the data was passworded, but not encrypted, which are two very different things.
    Just another nail in the coffin.

  74. At 05:53 PM on 20 Nov 2007, mystified wrote:

    I strongly suspect that there will be a safe, secure network connection running between HMRC and NAO. We will be paying for this. Why was this not used to transfer data electronically ? If such a link does not exist, it does beg the question why not? To transfer any data on a "disk" is un-secure and expensive. How many couriers are whizzing up and down the country with our lives hanging out of a pannier ?

  75. At 05:54 PM on 20 Nov 2007, Chris Ghoti wrote:

    Darling says these data were encrypted, someone on the PM programme says they weren't, and Darling should go. Not because he is necessarily lying, but because the listener's reaction is 'one of them is wrong' rather than 'the person on PM has got that wrong, because Darling says the disks were encrypted.'

    Someone we are so thoroughly unable to trust should not hold the post he does in government. He won't resign, of course, (that requires a view of honour that is only acceptable in people a little lower in the ranking, one of whom has already shown his quality by doing as he should), but he ought to.

  76. At 05:55 PM on 20 Nov 2007, nick wrote:

    Again LOST BY TNT not Royal Mail

  77. At 05:57 PM on 20 Nov 2007, andy wrote:

    I wondered how long it would take them to come out and say how it's another reason to have ID cards.

    Ah the joys of the Hegelian dialectic.

  78. At 05:58 PM on 20 Nov 2007, Peter Hewlett wrote:

    My comment seems to have been lost in transit!

  79. At 06:00 PM on 20 Nov 2007, Deepthought wrote:

    Me too on the stupidity of the secretary of the Treasury with regard to ID cards question, as well as the whole set up - why 6 days before the loss was reported to the police?

    Me too that it was not the age of the computer system, but that someone had made discs and couriered them - oh great, just heard it's only password protected. Does not matter how good the computer system is, if people who have the right to access the data go and copy it, they will.

    Oh, and the Banks not wanting everyone to change their account numbers - it would cost them money, that's why!

    I could go on, but most of what I feel is above.

  80. At 06:06 PM on 20 Nov 2007, Peter wrote:

    Is there nothing that can be done to get rid of Gordon Brown and his gang of clowns?

  81. At 06:08 PM on 20 Nov 2007, C Miles wrote:

    Why is everyone saying that this was an error? Its obvious to me that this was a pre-planned theft (probably by an internal or ex-staff member). Does anyone seriously believe that in this day and age, this sort of uncrypted information would be copied onto discs and then sent via *internal postal system* to the outside National Audit Office. Come on, stop being so gullible, all information is transmitted by secure data communication systems nowadays, especially if its being sent to the National Audit Office. The information will probably be used for identity fraud and others. This sort of crime is common in Brazil, where I live and where people are making a lot of money out of stealing people's identities.

  82. At 06:08 PM on 20 Nov 2007, Colin Archer wrote:

    Shirley Williams, now Baroness Williams, said on Any Questions last week that she would go to prison rather than be forced to have an ID card. After the debacle announced today, I would expect everybody in the land to be prepared to take the same action. The government must reverse its disastrous ID card policy NOW.

  83. At 06:09 PM on 20 Nov 2007, Fearless Fred wrote:

    Ms Kennedy made a big deal about how the proposed ID card scheme would not have the same faults because it would be a new system. Oh dear! She obviously wasn't paying attention 11 months ago when the plan for one new giant ID database was scrapped. Instead, the scheme is for information to be stored on three separate existing databases, including the DWP. Click HERE for the report....

    Time for all concerned about ID cards to force the scheme to be scrapped. It's a political white elephant that's only been proposed to appear tough on crime/terrorism. But, ID cards would not have stopped 9/11, 7/7, 21/7, the Bali bombing, the Madrid bombing etc. In all these cases, the people who perpetrated these atrocious acts all travelled on their own valid IDs. This is a classic case of doing something for the sake of doing something...

  84. At 06:12 PM on 20 Nov 2007, jon wrote:

    yet another teflon mp.?

  85. At 06:15 PM on 20 Nov 2007, G Allen wrote:

    What is more worrying for me is the fact that a "junior member" of staff CAN actually make an off-line back up of the database to a CD. Security should prevent anyone breaking processes and procedures at this level.

    Also why on earth are they sending information like this information on a physical CD? Recorded or otherwise it is not a safe way to send information.

  86. At 06:17 PM on 20 Nov 2007, Dispairing Dan wrote:

    How many more incompetencies must we put up with before this wretched bunch of ne're-do-wells who call themselves a government pack their bags and sod off to where they can do less damage. So many ministers have been moved on from posts where they caused nothing but mayhem only to reappear in even more senior posts to repeat themselves once more. Mr Darling, just go, you know it makes sense.

  87. At 06:21 PM on 20 Nov 2007, Jon wrote:

    I'm furious. If I lost some classified government data then MI5 would have be locked up before I could sneeze. Why can government agencies not look after my data properly?

    While the data on its own is insufficient to take money from my account, there's not a lot more that is needed. It also seems to be enough to allow someone to open other accounts as me and carry out fraud in my name.

    No, I'm not happy!

  88. At 06:22 PM on 20 Nov 2007, Steve King wrote:

    Was it just me who was amazed that Jane Kelly has such comprehension of government IT systems, that she believed a "newer and better" ID card system would be so much more secure that such a repeat of this scandal could never occur again. Or did she just think that PM listeners would believe that?

    The ID card system will never be secure, because of the human condition. After all, it wasn't the child benefit computer system that copied its entire contents to those disks, and posted them.

  89. At 06:23 PM on 20 Nov 2007, Guy Reynolds wrote:

    The everyone one the direct chain of management of the incomcetant idot who lost my details, right upto the prime minster should resign. To loose 25M personal and 7M family records is total incompetance from the bottom up.

    To redress the balance the government should release to all of us who are affected the details of the person responsible so that we can take action against them, not keep them a faceless beauracrat.

    Mind you if the press ask the right questions they my get the name just as they did with David Kelly.

  90. At 06:25 PM on 20 Nov 2007, JohnP wrote:

    Those lost disks: it is reassuring that the authorities know no evidence that they have fallen into the wrong hands.

    Contrary to what several bloggers have said, the Government should respond to this security breach by going ahead with the ID card with all possible speed. Reasons:

    1. It's clear that, had the ID scheme been in place, it would have given the police a massive head-start in chasing where these disks had gone and who had got hold of them.

    2. The civil service will learn from this disaster not to make the same mistake twice, as it so obviously has learned from the foot and mouth crisis in 2001.

    3. The very massiveness of the ID card database will concentrate people's minds - every individual working with it, from the top executive to the most junior clerk, will be aware at every waking moment how crucial it is to preserve the security of this data.

    4. This will be a more modern system, so inherently more secure, as a Government spokesperson argued so convincingly on PM today.

  91. At 06:29 PM on 20 Nov 2007, Richard wrote:

    Should we trust the numeracy skills of a Chancellor who fails to recognise that the word "data" is plural not singular?

    quote "...data is..."

  92. At 06:36 PM on 20 Nov 2007, whisht wrote:

    God, this is even worse. The information wasn't encrypted. The CDs just had a 'password' protecting them.

    As this movement of data was so far outside of any security system (technical or operational) I can only imagine an IT person having the know how to place that much info onto 2 CDs, and I doubt that they bothered to make the password particularly 'strong'.

    So, as said above, systems are most at risk by cock up and criminal access to databases by people.

  93. At 06:39 PM on 20 Nov 2007, Frances O wrote:

    Extraordinary to entrust the sending of the disks to a 'junior' - and not to brief them as to how to send such important information.

    Or is this buck-passing to the lowest in the food chain?

    All in all, this really is inexcusable, so no excuses will wash with this member of the public, voter and taxpayer.

  94. At 06:42 PM on 20 Nov 2007, Duncan Abbot wrote:

    What is the Price Waterhouse report going to do? Conclude that some spotty kid in IT put the discs in an unrecorded envelope despite procedures to the contrary?

    This government’s answer to everything is to launch an Inquiry and then ignore the findings.

    I do not think as tax payers we need to spend the inevitable millions on yet another Inquiry to show that HMRC’s systems are not foolproof.

  95. At 06:47 PM on 20 Nov 2007, whisht wrote:

    JohnP - very funny...

  96. At 06:49 PM on 20 Nov 2007, Raymond Feeney wrote:

    Everyone is going on about the bank details being available.

    What about the names and addresses of EVERY CHILD in the UK who the benefit is paid for being available to who ever reads the data.

    Also I heard on PM that it was not Encrypted just Password protected. What in MS Excel or WinZip? A quick trawl of the internet will soon get you crackers for these.

  97. At 06:54 PM on 20 Nov 2007, a fairhead wrote:

    Why didn't they encrypt the data so even if it did fall into the wrong hands it would be of no use

  98. At 06:55 PM on 20 Nov 2007, Chris Ghoti wrote:

    Something it may take a long time to establish is the position of people whose children had been in receipt of benefit until they reached 18 during the past summer. Did this databank still include the details of all those who *have received* benefit since the system was computerised and their details added to it, or was it only those actually in receipt of benefit at the time at which the data went missing? If the latter, everyone whose last child on beneifit had an eighteenth birthday before this month is probably not at risk, if the former, it's a whole lot more people and they may not realise that even though they were getting nothing from the system they were still in it.

    We're told 25 million, which is nearly half the population. That seems a lot to be children at present under eighteen, plus one of their parents...

    So exactly who was in this database? How can anyone find out?

  99. At 06:57 PM on 20 Nov 2007, Dennis Walton wrote:


    I agree with previous contributors about Jane Kennedy. She obviously has no idea about security and computer systems. Mealy-mouthed hogwash. If that's the best she can offer it's time for her to go. And just so she is clear in her mind, the answer was 'YES' the taxpayer will end up footing the bill.
    Eddie, you are too polite, she's an MP - you should have nailed her to the wall for that effort.


  100. At 07:08 PM on 20 Nov 2007, Fearless Fred wrote:

    JohnP (90), I'm sorry, but I have to completely disagree with you. Allow me to explain why...

    1. You say that an ID database would have meant that it would've given the Police a headstart in tracing the lost discs. How?!? It's known already who generated the discs, and how they were shipped. What would an ID card have added?

    2. The "very massive-ness" of the database has nothing to do with whether the database could actually do any of the things that it is claimed to do. So far we have only had soundbites about how it will prevent terrorism, reduce crime. Where is the evidence? Show us logically how it would do any of the thigs it is claimed.

    3. As I stated in my post at 83, this will NOT be a new IT system. Instead, to cut costs, the system will be based on three pre-existing databases, including those that are linked to today's debacle.

    Those of us who work within IT and related fields know how badly things are going in the NhsIT scheme, and are dreading the implications of the ID cards, should they be implemented...

  101. At 07:13 PM on 20 Nov 2007, DaisyGerbil wrote:

    Although one can see that the Chancellor does not have direct responsibility for this most recent mess where does this leave the new 'all children' database - Contactpoint which is meant to go live Oct 08. It will hold details on every child O to 18 in England, or the ID cards scheme. With this present administration assuring us that the details will be closely guarded, need to know access only etc... who can possibly have any faith in their assurances. Currently I would not trust them to help me cross the road, let alone give them access to my children's details, my details and my biometric info. What happens when a clot in the passport office sends huge batches of biometric info on unencrypted discs???

  102. At 07:24 PM on 20 Nov 2007, John S wrote:

    This debacle serves as a timely reminder that politicians are fools or knaves and sometimes both; an honourable man would fall on his sword as would his deputy.

    HMRC used to have a freepost address - Customs Confidential - I wonder what sort of information was sent by that route? What better way is there to advertise the sensitivity of material on the inside than labelling it Confidential on the outside. I wonder how many of those letters were sold-on in the underworld.

    Putting all the data on one disk sounds a bit like putting all the eggs in one basket. At least if they had used 10 disks the parcel would have been bigger. But maybe it too had 'HMRC Confidential' on the outside.

    Now of course ID card data and health data will be SECRET. Oh dear me - so robust is that protection that the data gets kept on a laptop and left on busses and river banks. How short are our memories?

    But don't worry chaps you follow the leader - keep your mortgage with his mortgage and you can be sure that the rest of the taxpayers will keep your mortgage afloat.

    I think we all know that it is time for a change - but where is the choice? We reap as we sow.

  103. At 07:25 PM on 20 Nov 2007, Jack Hewson wrote:

    What is the minimum grade at which a Civil Servant can download, to a disc, the personal information of 25 million people ? Maybe here lies the root cause of a lot of our identity problems.

  104. At 07:28 PM on 20 Nov 2007, Izziebom wrote:

    What have TNT said publicly? Nothing on their website as far as I can see. It is my understanding that TNT also run the internal mail system for the DWP. So no worries then.

  105. At 07:28 PM on 20 Nov 2007, Peter Davis wrote:

    It was suggested, on the PM programme, that the Chancellor might be pushed on to his sword. He has not been in the job very long so that is a bit unfair. We all know who has done that job for 10 year until recently - there is no chance of him falling on his claymore and the whole cabinet is not strong enough to push him onto it. The same person shoved the Treasury and Customs together to make one vast Department - the bigger the Department, the more difficult it is to control. I forecast that if this idea of super identity cards goes ahead it will be an almighty shambles - in addition the cards would probably be available in Bangalore within 24hrs.

  106. At 07:39 PM on 20 Nov 2007, Jim Gumbley wrote:

    imagine a private in the navy borrowing some uranium fuel rods from a nuclear submarine and "losing" said rods in the internal post.

    1. why did the private have access to uranium fuel rods??

    2. why did he think it was OK to send uranium fuel rods in the internal post??

    disgusting managerial incompetence. terrifying lack of basic controls.

  107. At 07:53 PM on 20 Nov 2007, sacrebleu wrote:

    It only goes to show that even with the most sophisticated security systems, all it takes is a 'junior official' to copy information onto a couple of CDs for that system to be compromised.

    SURELY NOW the whole crazy idea of identity cards will be ditched.

  108. At 07:53 PM on 20 Nov 2007, whisht wrote:

    FFred (100) - this is odd. I had written the same response to JohnP then stopped, thinking that he MUST have been saying that tongue in cheek!!

    here was what I wrote (I 'cut' it and still had it to paste back):

    JohnP are you insane??

    1. - How would ID cards make finding lost discs by TNT easier or quicker? They KNOW the van or bike they were on, and if not the ID card won't help TNT's processes

    2. - Civil Service "learn"?? What? I'm not against the Civil Service but it is an enormous set of organisations that I've worked with (in IT) in the past (and probably in the future). Cock up or illegality can always happen with humans

    3. - the size of the database??? The one they put onto 2 (TWO) Cds was 25million individuals. That could go on one USB stick. The size is trivial in data terms.

    4. - [it was at this point I thought JohnP must have been joking...]

    god, I hope he was joking...

  109. At 08:19 PM on 20 Nov 2007, Chris Ghoti wrote:

    FF @ 100, whisht @ 107, John @ 90 *must* have been joking. Mustn't he? Please?

    Peter Davis @ 105, available in Bangalore within 24 hours, available three weeks sooner in a London pub near *you*. Buy two, get the third one free!

    Incidentally, never mind the incompetence of letting those two disks go missing, has anyone asked whether they too have ten percent of the information on them simply wrong? that's the number of people likely to have 'more than one detail incorrectly entered' on the ID card database, according to some Commons reply the other week. If one were among that ten per cent I can see it would be quite a relief.

  110. At 08:38 PM on 20 Nov 2007, sacrebleu wrote:

    Oh yes, and all those Government spokespersons who said (about ID cards): If you have nothing to hide, you have nothing to fear...


  111. At 08:42 PM on 20 Nov 2007, RobK wrote:

    Please can we clarify - there is *no part* of Alistair Darling's speech that says the data was encrypted. It was "password protected" - this is different. If the data was in a standard format (for example Microsoft Excel or CSV) which would be common in this type of situation, the passwords are easily foiled by freely available information.

    The people making lighthearted remarks on this blog clearly have no imagination. This is a hugely serious situation. There must be a full public enquiry and we need to understand precisely the chain of events that lead to this disaster.

    The primary question for the future is: how on earth was a "junior official" able to export this data to CD?? This functionality should be available to only the very highest seniority at HMRC due to the extreme sensitivity of the data.

    Another question - how come the NAO themselves did not question this happening - so much for its "compliance responsibilities".

    A full *independent* audit of ALL government databases systems needs to be undertaken by a respected IT security expert - where else are similar practices happening that have not been uncovered?

    Finally, as stated by others, national identity cards - NO WAY.

  112. At 08:57 PM on 20 Nov 2007, JohnP wrote:

    whisht (95,98), FF (100), Chris Ghoti (109)

    Yes, I was joking. But the more I think about it the more I feel like tearing my hair out in handfuls.

  113. At 08:58 PM on 20 Nov 2007, mittfh wrote:

    Haven't they heard of electronic data transfer?

    Then again, knowing the government's record with IT, they'd probably email the data unencrypted, or (even worse) send it using an AOhell or Notmail account...

  114. At 09:09 PM on 20 Nov 2007, whisht wrote:

    Hey Chris Ghoti -
    was that "one in ten" people will have more than one piece of data incorrectly entered


    everyone will have at least 10 per cent of their data incorrectly entered?

    Either way, how did they work out their data quality ahead of gathering and entering any of it? Surely they have to gather it, put it onto a database and then do some checks of the data to verify its quality.

    Unless they are looking at the data quality of the disparate systems that already hold our data.

    Or they've already started collating that database... that would be terrifying.

    Do you know anymore about this?

  115. At 09:32 PM on 20 Nov 2007, Anne P. wrote:

    David (34) I'm afraid it may affect people who do not use internet banking if they are/have been in receipt of child benefit.

    If someone else has the appropriate information they can set up internet access to your bank account without your knowledge. It will then depend on how good your bank's security is whether they check back with you or with the fraudster when sending out passwords etc.

    My elderly mother was fooled into giving out her information over the phone and within half an hour internet access had been set up to her account. Fortunately she realised she had been conned, I checked (she does not have internet access) and she immediately contacted her bank.

    If you are in any doubt I would suggest you visit your bank tomorrow to tell them you do not want and never will want internet access and follow this up with a letter.

  116. At 09:34 PM on 20 Nov 2007, Simon Wilson wrote:

    Great interview with Jane Kennedy who for me summed up the cowardly incompetence at the heart of this government.

  117. At 09:39 PM on 20 Nov 2007, Anne P. wrote:

    Jim (106) it is only a few weeks since we heard of the USAF Flying a plane half way across the States with fully armed Neuclear warheads on board.

    Never underestimate the human capacity for catastrophic error.

    Never assume that any system can be made totally human proof. It can't.

  118. At 09:56 PM on 20 Nov 2007, Robin Duckworth wrote:

    I wish I had the chance to quiz Alistair Darling in the Commons.
    So you're telling me that someone managed to copy the entire child benefit details on to two CDs.
    Then went down to the post room and handed it to a junior employee.
    Umm Yes.
    And this got put in the Internal Post.
    But it didn't arrive?
    But surely it was sent recorded and barcoded?
    Encrypted with 128 bit security.
    Well it had a password on it.
    They do have data links between the offices don't they?
    Might have.

    Is there any chance I could quiz him?

    On a seperate point - our school is taking part in a census - we were told to put on a form (which would be put on a secure database) our name, address, bank details, payroll number, NI number, car details and passport details. Absolutely refused - too much info on 1 database.

    Security is only as good as its weakest link.

  119. At 10:30 PM on 20 Nov 2007, JimmyGiro wrote:

    What safeguard is in place to stop the average civil servant from uploading such data for the purpose of selling it on?

    After all, there are thousands of them and the odds of them all being straight are fairly remote, coupled with the moral benefit of stealing from the unpopular needy people.

  120. At 10:34 PM on 20 Nov 2007, D L wrote:

    What I want to know is why why why this was made public before the discs were found. Now every unscrupulous employee of TNT is looking for them. No that's wrong; one of them found them about 16:00!

  121. At 10:37 PM on 20 Nov 2007, Simon JB wrote:

    Nothing less than the resignation of the government is an acceptable resolution of this affair. After all the PM is the person who until recently was in charge of the department which is responsible for this debacle. They should go.

  122. At 10:56 PM on 20 Nov 2007, Mark wrote:

    What a cock up!

    The Government are only too willing to heap more and more regulation upon the Banks, costing hundreds of thousands of pounds per year to make the changes to ensure compliance. It's eventually the customers and shareholders that have to pay for compliance.

    Whilst any fraudulent activity as a result of this gross negligence will be indemnified by the Banking Code, with counter claims against the Government / Public Purse. It will take a lot of effort to manage and settle claims made by customers. Will the Banks have their costs to process the claims refunded by the Government? Unlikely! ..yes again it will be customers and shareholders who eventually pay the price.

    We're told the Banks are monitoring accounts for potential frauds, and they're also going to have to manage the thousands of concerned, disgruntled and angry customers that will need reassuring that their accounts are safe. Who will be paying for all of the Banks' effort? ..yes again it will be the customers and shareholders paying the price! Don't forget the stress that will be heaped upon the Bank staff on the receiving end of the customers frustrations!

    Finally, I work for a major high street bank and we haven't received any communication at Branch level regarding this. So much for monitoring accounts for possible fraudulent activity! What a joy work will be tomorrow!

    Thank you Mr Darling!

  123. At 11:15 PM on 20 Nov 2007, Deepthought wrote:

    I've just had to write a huge cheque to HMR&C for October's VAT.

    I wonder how sympathetic they would be if I claimed that I had posted it but it was "lost in the post".

  124. At 11:43 PM on 20 Nov 2007, Chris Ghoti wrote:

    whisht @ 114, I'm sorry, I cannot remember the exact wording. What I noticed about it was that it actually said that more than one incorrect detail would not happen in (or possibly happen in not) more than ten per cent of entries. I read that as two incorrect details in up to ten per cent of people's entries, and a possibility of one incorrect detail in any number between zero and one hundred per cent of entries. I may be wrong....

    What I do seem also to remember is that this was the *same* figure that somebody else in an official capacity had given as being the average mistake-level in entries made to the police database with the information that they keep on everyone who has ever been stopped for speeding etc, even if no crime has been committed.

    As for whether or not they have started collatinging the ID database, I couldn't possibly comment. My current priority is discovering whether they had or had not deleted my details from the database they have now casually broadcast -- my children used to get family allowance, and I'd quite like to know that the details that were taken from me have been deleted rather than kept in case anyone felt a need of them to... um, to add to the ID database, perhaps? I also want to know whether my adult children's details have been retained, and if so what legal case they and I may have against this government department under the DPA.

    No, I don't trust them. Why would I? They have shown themselves to be untrustworthy.

  125. At 12:40 AM on 21 Nov 2007, Fifi wrote:

    I hope I get to share a cell with Shirley Williams. Coz I for one won't be complying with the national database / ID card nonsense either.

    This proves what I've always said: government's can't do IT, and IT only works up to a certain size.


  126. At 06:52 AM on 21 Nov 2007, The Stainless Steel Cat wrote:

    Jim (106):

    Re: the navy, I think you're getting your privates mixed up with your seamen.

    In light of the debacle - which clearly the Chancellor is *not* responsible for as this is a civil service blunder not a policy one - I agree with those who say the ID card scheme and database must NOT go ahead not.

    Sadly, I fully expect the government to parrot JohnP's tongue-in-cheek comments as if they were truth, and even more sadly, I think a lot of the population will swallow that.

  127. At 07:37 AM on 21 Nov 2007, Mike Smith wrote:

    Hi, Eddy Never mind all this about the tax office how many discs are they sending in the post over at Conecting for Health on the patient National Care Record??????

    They might as well let the crooks have the full set of our details!!!


  128. At 08:39 AM on 21 Nov 2007, Kate Weal wrote:

    Is it me or is there a glaring inconsistency in the Chancellor's admitted time-line?

    Darling told the House that he did not go public on the Child Benefit fiasco earlier because the banks needed time to put security measures in place.

    On BBC Breakfast News today he said the banks were told on Monday (November 19). If he was told on November 10 about this problem that excuse does not hold water. What happened during the other 8 days?

  129. At 09:24 AM on 21 Nov 2007, david lock wrote:

    firstly let me say that this is an enormous error - as other people has pointed out few IT environments would allow access to data in this way.

    However, I do feel that there is a lot of scaremongering going on. The 'Expert' who suggested everyone should change their bank account numbers is complete hogwash in my opinion. -(even he admitted it would need to be 'triangulated' to be of any use)

    I've never been asked for my NI number in relation to anything non-government so thats a red herring. I could give out just as much information asking for one of those birthday books for my daughter and writing a cheque out. If you send off for something and pay by cheque the only thing you'll miss out is your NI number.

    soi t is an enormous cock-up - heads should roll - id schemes should not be introduced - but the data can be got in many different ways.

  130. At 09:48 AM on 21 Nov 2007, CG wrote:

    After listening to the interview with Darling on this morning's Today program I am still not sure of a couple of things. First, did these discs make the complete journey by private courier or through the Post Office, or even some of each. Second, if they were to be transfered from one government department to another, how were they to be transfered? If they were printed onto paper and sent by post we would be in a worse situation we are now in. If they were to be sent computer to computer, then we have to think of the consequences of the same silly sod pressing the button and sending them all over the planet in a second or two.

    I would also like to remind people, as many others are doing, that the first blunder did not happen on the watch of the Darling Buds Of Dismay, it happened on the watch of The Incredible Sulk.

  131. At 09:57 AM on 21 Nov 2007, Nigel N wrote:

    Kate @128

    That timeline excuse doesn't hold. The security breach happened when the disks were put in the post, not when the Chancellor made his announcement.

    The timing cannot have been planned much in advance, as it followed-on badly from Monday's announcement about Northern Soft-Gooey-Stuff. I would suggest that he broke the news Tuesday because he had to explain why the top man at HMRC had resigned that morning — presumably he would have kept quiet for even longer if he had been able to.

  132. At 11:08 AM on 21 Nov 2007, Frankie Norwich wrote:

    The HMRC data loss affects half the population and could compromise the security details of the young generation for life. Every one affected should sue the government under its own Data Protection Act.
    Never mind about the illusion of the political left and right, who wants to simply form a Party for Competent Government?

  133. At 11:53 AM on 21 Nov 2007, Kate wrote:

    Can this really be just incompetence? I am deeply shocked by the utterly cavalier attitude shown by civil servants to highly sensitive personal data about family finances and the identity details of millions of children, my own included. If this level of incompetence exists at HMRC and the NAO then who knows what a deliberate and malicious fraudster could achieve.

  134. At 12:00 PM on 21 Nov 2007, Kate wrote:

    Can this really be just incompetence? I am deeply shocked by the utterly cavalier attitude shown by civil servants to highly sensitive personal data about family finances and the identity details of millions of children, my own included. If this level of incompetence exists at HMRC and the NAO then who knows what a deliberate and malicious fraudster could achieve.

  135. At 12:03 PM on 21 Nov 2007, Former Labour Supporter wrote:

    The words used by Mr Darling this morning were "this is unforgivable". Quite. The issue goes deeper than HMRC to a question of trust. This episode itself confirms that HMRC is in total chaos and that it's "management" are aware and are not acting to deal with the issues. In any normal business situation this management team would be removed without delay. We on the other hand are expected to hear the words and somehow accept that we should continue to trust in those in power to carry on and deal with this situation(and all others) for us. I find this astonishing. Mr Darling and his colleagues would do well to remember that they are in power because we say they are. We expect excellence in Government and if this is not delivered they can count on having their privileged positions removed from them through our democratic process.

  136. At 12:14 PM on 21 Nov 2007, Former Labour Supporter wrote:

    The words used by Mr Darling this morning were "this is unforgivable". Quite. I (and I suspect a great many others) will not forgive such fundamental failings. In any normal business situation this management team would be removed without delay. We on the other hand are expected to hear the words and somehow accept that we should continue to trust in those in power to carry on and deal with this situation(and all others) for us. Mr Darling and his colleagues would do well to remember that they are in power because we say they are. We expect excellence in Government and if this is not delivered they can count on having their privileged positions removed from them through our democratic process.

  137. At 12:23 PM on 21 Nov 2007, Paul Smith wrote:

    I am surprised that no one has suggested that this is a conspiracy to put the kybosh on the ID card scheme.
    Someone realised that the ID card scheme was a cash black hole and so thought up this spectacular way to abandon the idea without having to do a u-turn.
    Simple when you know how the government works.

    (I haven't read all the comments but I did seach for the word conspiracy on this page without finding it)

  138. At 12:28 PM on 21 Nov 2007, Eric Griffiths wrote:

    At last this overbearing, bullying organisation (Inland Revenue) might get its 'comeuppance' .
    If, as they say a 'low level member of staff' created the discs, why did such a low level person have such high level access to computer records? Why was this information sent so casually to the NAO? Is this what, in fact, normally happens but they've just been caught out? The Chancellor says the NAO could easily have gone to the HMRC computer to get the information they needed. It's 300 miles away! Is that what they have done before?

    The IR side of HMRC is, has been and is likely to continue to be an overbearing shambles. Look at the number of complaints they receive.

    This is an organisation that tells you how easy Self Assessment is but then sends you a 44 page (A4 size) instruction manual full of complex financial requirements;

    This is an organisation that does not check SA forms before sending out Tax Codes, so one week they will tell you they owe you money but then, they check the returns and come back weeks later to say you owe them money! How much does this incompetent duplication cost?

    This is an organisation that will send you a tax bill by business post that is so slow, that by the time you receive the bill and know for the first time you owe anything, the IR has already started charging you interest because you haven't paid in time. Point this out and they will in effect say, "Tough."

    I hope that this absolute scandal will lead to a very close look at IR practices because at this time, it operates like a government sanctioned gang.

  139. At 01:18 PM on 21 Nov 2007, Chris Ghoti wrote:

    david lock @ 129, I think it has always been possible for a criminal to obtain individuals' details, with a certain amount of trouble and difficulty for each one lot of details stolen, just as it was always possible for someone to steal a hard-copy Child Benefit Book; these things meant that one took a bit of care to prevent it, and the matter was in one's own hands.

    The reason people are unhappy at the moment is two-fold: one, that the information for several million people has simply been handed out by a complete stranger, with no particular effort involved for the opportunistic crook, and two, that there is no way for individuals to know, in the foreseeeable future, whether their data is going to be misused or not. Even if the disks are now found, what proof can ever be offered that they were not copied first?

    At least if someone stole a booklet the owner was likely to notice within about a fortnight, and could take steps about it. Nobody has any personal control over the use or abuse of their own details, in this matter, and that is really very unpleasant.

    It is *really* annoying for anyone who wanted to have a booklet as before, and was told they could no longer have one but must instead give the department their details and accept a direct cash transfer to their bank. That amounts to trust demanded and then betrayed.

  140. At 01:22 PM on 21 Nov 2007, pc wrote:

    The first thing that should be done is to take Adam Hart Davis to the nearest public square for a good flogging.

    Whatever about the potential damage to bank & building society account holders countrywide, at least a few of us will begin to feel a little better.

  141. At 01:26 PM on 21 Nov 2007, Spook wrote:

    I am a Government accredited Information Security Consultant and agree with the comments from David Lock above.

    There is no need to change your bank account to another number. You give out this information freely every time you write out a cheque...

    If you do internet banking (and I don't), you should ensure that your password is secure. Do not use dictionary words or names, use at least 7 characters and special characters, e.g. !"£.

    Banking internet security is woefully inadequate and I refuse to use it until such time as they protect it properly. Preferably by using a key-pair system.

    You could use a pass phrase, such as England Will Win The Eurporan Cup (EWWTEC), something that you can remember in a phrase by using the first letters of each word.

    Also, change your pin number to one that is not your, or your childrens, D.O.B. How about your wedding anniversary date, that way you would also impress your partner each year by remembering your anniversary...

    I am astonished that so many of the security protocols mandated by HMG were broken here. What will the concequences be? HMRC should expect to be heavily fined by the Data Commissioner, but where will this money come from and who will recieve the proceeds of the fines? Damn sure it won't be me! And yes, I fall into the 25 million affected.

    On a lighter note, I presume that this data breach has not resulted in any sinister activity so far, so I would not expect it too. Think about it, if you were a fraudster and had access to 25,000,000 bank accounts, would you wait for weeks before you cashed in on your windfall? I thought not...

    A note to the P.M. team about your use of Information Security Experts in furture. Please check that they have a recognised security qualification, such as Certified Information Security System Professional (CISSP) and/or are Professional members of the British Computer Society before asking your expert to comment on matters that he clearly knew nothing about.

    He made a fool of himself and you infront of millions of people live on the radio. Nobody with any sense would recommend 25,000,000 people to change their bank accoounts all at the same time! Can you imagine the chaos...

    Lets hope that they find the disks and put a lot of peoples mind a rest...!

  142. At 02:01 PM on 21 Nov 2007, Ed Iglehart wrote:


    "Lets hope that they find the disks and put a lot of peoples mind a rest...!"

    Would 'finding' them really do that, or is that as naive as suggesting changing account numbers?


    In this world some people are going to like me and some are not. So, I may as well be me. Then I know if someone likes me, they like me.

  143. At 02:30 PM on 21 Nov 2007, Charlie wrote:

    Politician : One who shakes your hand before elections and your confidence after

    -Anonymous (a.k.a. Truth-sayer)

  144. At 03:24 PM on 21 Nov 2007, Spook wrote:


    I guess that you have never changed your bank account to another number or provider. I have, and I spent months sorting out the mess!

    At least if they find the disks, we will know that the data is not being held by fraudsters. The matter of how we got into this mess is a different matter...


  145. At 06:39 PM on 21 Nov 2007, Sid Cumberland wrote:

    Fifi (125) - it'll have to be a jolly big cell!


  146. At 07:09 PM on 21 Nov 2007, Gillian wrote:

    Why haven't we heard from TNT? Has anyone searched all their vehicles?

  147. At 07:40 PM on 21 Nov 2007, Ed Iglehart wrote:


    "At least if they find the disks, we will know that the data is not being held by fraudsters"

    Thus speaks a "Government accredited Information Security Consultant"


  148. At 09:40 PM on 21 Nov 2007, A Person wrote:

    The next time I post a letter which doesn't arrive at it's destination I must remember it's not the carriers fault and bash myself up for being such an idiot for posting it!

  149. At 10:05 PM on 21 Nov 2007, Chris Ghoti wrote:

    (502ed repeatedly, starting at about 4pm, but I keep on trying...)

    Spook @ 144, I think you missed Ed's point: the discovery of the disks wouldn't mean that we could be confident that they were not copied.

    If your front-door key and address went missing for a month and then turned up somewhere outside your house and where you had never been, would you feel entirely secure about it? Or would you be inclined to assume they might have been copied, and get a new lock anyway?

    As for changing one's bank account, I can't believe that is *really* more hassle than discovering that one has been black-listed for credit by all the more-than-three organisations who check on people's credit-ratings and send information about between themselves so that changing incorrect data in two of them doesn't help, one has to find them all and change it in all of them at the same time -- which operation can take several years, and prevent one from getting a loan of any kind during that time.

    To put that another way: if identity theft really didn't matter or make life difficult, I can't think why anyone would ever worry about it.

  150. At 05:03 PM on 22 Nov 2007, Andy S wrote:

    They have no proof that the discs have fallen into criminal hands.

    I also remember some politician or other saying that they had no proof BSE would harm humans.

    Don't you just love the english language ?

    Anyone can admit to having no proof that something won't/hasn't/will not happen.

  151. At 06:00 PM on 22 Nov 2007, Chris Ghoti wrote:

    We are now told that they plan to send a letter to every person whose bank details were on that database, telling them not to worry.

    So since I can't be sure whether or not I was on that database, I shan't start to worry until I get that letter telling me not to worry, and with luck it won't arrive. (Then I can worry instead about whether it got lost in the post.)

  152. At 06:45 PM on 22 Nov 2007, Chris Ghoti wrote:

    Andy S @ 150, 'They have no proof that the discs have fallen into criminal hands. '

    And as you don't actually point out, they have exactly the same amount of proof that they *haven't* fallen into criminal hands: none, because they have no evidence of any kind about where the discs actually are or in whose hands, if any hands at all. (Hey, they don't have any proof that they aren't in criminal *tentacles*! Eeek!)

    'Anyone can admit to having no proof that something won't/hasn't/will not happen.'

    Or claim to have no proof of anything at all. I for instance have no proof that the sun rose this morning (it was overcast where I live) or that there was ever a landing on the moon. Even if these things did happen, I do not at present have in my possession anything that proves they did. :-)

    The worrying thing about this case is how ready we all are to assume that this is the sort of weaseling and word-chopping that our representative government will stoop to.

  153. At 10:02 PM on 22 Nov 2007, Ed Iglehart wrote:

    "The worrying thing about this case is how ready we all are to assume that this is the sort of weaseling and word-chopping that our representative government will stoop to."

    But in that case we do have proof!

  154. At 10:48 PM on 22 Nov 2007, Ed Iglehart wrote:

    "The worrying thing about this case is how ready we all are to assume that this is the sort of weaseling and word-chopping that our representative government will stoop to."

    But in that case we do have proof!

  155. At 12:09 AM on 23 Nov 2007, Chris Ghoti wrote:

    Ed @ 153 & 154, hush. We are supposed to be so stupid that we don't notice, and we're probably safer if they underestimate us.

    now, off you go and make a fuss about which particular individual did it this time, and don't whatever you do let on that you know that there are *thousands* of people doing it all the time who just happen not to get noticed....

    (how many was it ignoring the security procedures last month? Low three figures? High three figures? More? Much happier if we don't know.)

  156. At 12:18 AM on 23 Nov 2007, Chris Ghoti wrote:

    Ed @ 153 & 154, hush. We are supposed to be so stupid that we don't notice, and we're probably safer if they underestimate us.

    now, off you go and make a fuss about which particular individual did it this time, and don't whatever you do let on that you know that there are *thousands* of people doing it all the time who just happen not to get noticed....

    (how many was it ignoring the security procedures last month? Low three figures? High three figures? More? Much happier if we don't know.)

  157. At 12:34 AM on 23 Nov 2007, Chris Ghoti wrote:

    Ed @ 153 & 154, hush. We are supposed to be so stupid that we don't notice, and we're probably safer if they underestimate us.

    now, off you go and make a fuss about which particular individual did it this time, and don't whatever you do let on that you know that there are *thousands* of people doing it all the time who just happen not to get noticed....

    (how many was it ignoring the security procedures last month? Low three figures? High three figures? More? Much happier if we don't know.)

This post is closed to new comments.

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.