British Government Commits Biggest Ever Data Breach

The British Government today admitted in the House of Commons it has committed the biggest ever data security breach when it announced, two weeks after the event that a civil servant downloaded onto two CD’s the personal data of 25 million British citizens and sent them unregistered by courier to another department 200 miles away. The discs were the “lost in the post”.

Amongst the data files were:

The names of 25 million individuals

Their date of birth

Their address

Their National Insurance Number

Full details of their earnings

Their telephone number

Their full bank account details including

Address of bank

Bank account number

Sort code number

Names of every single child in the country

Address of every single child in the country

Complete details on the parents of every single child in the country


In short, the British Government has lost all the personal data necessary for the identity theft of 25 million UK citizens. Police are said to be looking for the two discs…

Oh boy, here comes GT and Capn Birdseye.

At least in Britian, the violations of privacy rights are accidental government incompetence. In America, we now do that on purpose :(

I know those intellectual pygmies here who accuse me of being off topic and "anti-fat Londoners with bad teeth and worse manners" will probably object to my post here, but I am immediately reminded of last years theft of a laptop that contained almost the whole of the United States service personnels' pension records.

It could happen anywhere.

However, I am then reminded of the response of one British reader in todays Guardian:


"whatithink

Comment No. 938081

November 20 19:15
GBR

AntwnPowell is spot on. The British state is incredibly incompetent - I've never seen anything quite so awful in any other country I've lived in, worked in or visited. It couples it with a quite mind blowing level of arrogance.

This government has used the state as a way of bribing people into voting for it by creating non-jobs for them in the state sector. It employs huge numbers of not very good people and overpays them."

http://www.architecture.uwaterloo.ca/faculty_projects/terri/Brun_Brazil/Images/Movie%20Shots/Brazil32.jpg

A government minister has just tried to evade a journalists question asking if the data on the two discs was even encripted. Apparently (after repeated questioning) she said it was not "proceedure" to do this...

Is this what they mean by a distributed database? I thought it was something altogether different. :)


On the BBC website (http://news.bbc.co.uk/1/hi/business/7103940.stm) a member of the public points out:
Quote:
"On 5 November we had £2,800 removed from our Alliance & Leicester bank account by someone who pretended to be my wife, but convinced our bank through the use of child benefit information to empty our account!"

"At the time, our bank was at a loss to explain how such detailed info was somehow available to someone else. At least we now know how,"


s63 (5) of the Data Protection Act (1998):

"Neither a government department nor a person who is a data controller by virtue of subsection (3) [this is the royals] shall be liable to prosecution under this Act"

How nice of them to exempt themselves from their own law.

Oh - and guess who got the contract for running the governments internal mail system? Rupert Murdoch.

I have always maintained that this repressive Labour government is incompetent and the news of its latest cock-up, in a long line of cock-ups, just emphasizes the point!
There is the stench of decay coming from this government as it staggers from one crisis to another - Alistair Darling's mishandling of the Northern Rock problem nearly brought the UK banking system down recently and has now landed the British taxpayer with a potential loss of up to £45 Billion!!

The ironic thing about this whole episode is that this comes from a government that wants to issue us with ID cards. It's been telling us for ages how it will carefully safeguard the security of all data it collects from us (:)) but would you trust such a promise? I certainly wouldn't! If I shook hands with Darling or the Dour One aka Gordon Brown, I'd count my fingers afterwards, I wouldn't trust either of them, the incompetent buffoons.

And lets not forget the fact that this loss happened around a month ago, only now are we being informed about it, so much for transparent open government - what a joke!

http://news.independent.co.uk/uk/politics/article3179626.ece

After Darling carefully tried to blame a junior office assistant for the "blunder" we now find out its a systemic problem within the organization based on the desire to save money, money that was cut from the budget by who? No less than Gordon Brown when he was Chancellor!

To my mind what is worrying is that a junior office assistant could actually download 25 million unencrypted detailed records onto to CD's in the first place, even if he did it under orders from above. Surely the national database should be more securely protected than that? It sounds as though it was as easy as downloading music from the web!

This whole government is a shambolic mess lurching from crisis to crisis. And there have been plenty more blunders along the way ...

http://www.dailymail.co.uk/pages/live/articles/news/news.html?in_article_id=495188&in_page_id=1770

It's funny how Nick-Taylor has gone very quiet all of a sudden. I was so looking forward to saying "I TOLD YOU SO!" heh heh.

It's funny how Nick-Taylor has gone very quiet all of a sudden. I was so looking forward to saying "I TOLD YOU SO!" heh heh.
Quite so Marksix!!

As the Dour One faced a barrage of criticism over the government's handling of the crisis he had to perform a swift U-turn by announcing that Richard Thomas, the Information Commissioner, would be given new powers to carry out spot checks on the databases held by public sector organisations. Up till now public sector oragnisations have been exempt - amazing! - but I think we now see the reason!

As recently as 25 October, the Government rejected Mr Thomas's request for such a power in response to a Lords committee. It said then that "the current enforcement regime for data protection is fit for purpose". (:)) And the Moon is made of cheese!

But yesterday an embattled Mr Brown appeared to relent, adding that he would also consider the commissioner's plea for the creation of a new criminal offence of "reckless disregard of data protection principles". He insisted: "We will do everything in our power to ensure data is safe." (:)) I've just seen a pig fly by my window ......

Why do the images of "stable doors" and "bolting horses" keep coming to mind?

This shambolic incompetent government should go and go now, its not fit for purpose!

http://www.timesonline.co.uk/tol/comment/cartoon/

Capn, I'm sure people would listen to your posts a little more if you didnt resort to calling people stupid names like 'the dour one' it brings the tone down to a childish level and people who want a good discussion are probably dismissing every UK based thread because of your ramblings.

Capn, I'm sure people would listen to your posts a little more if you didnt resort to calling people stupid names like 'the dour one' it brings the tone down to a childish level and people who want a good discussion are probably dismissing every UK based thread because of your ramblings.

Jackie Ashley
Monday May 14, 2007
The Guardian (http://www.guardian.co.uk/)

If the world is adjusting to the idea of Gordon Brown, prime minister, so is the so-called leader of the free world. Last week, George Bush was musing to a White House visitor about his first proper encounter with the chancellor. He was quite impressed. "I'd been expecting a dour Scotsman," he admitted. His visitor warned him, "Don't worry, you'll find Gordon does do dour."

http://www.guardian.co.uk/comment/story/0,,2078723,00.html

Or you could actually respond to what i said. Im not debating Mr Brown's 'dourness' Im asking you why you feel the need to call people ridiculous nicknames in a place where there is a little more maturity.

Or you could actually respond to what i said. Im not debating Mr Brown's 'dourness' Im asking you why you feel the need to call people ridiculous nicknames in a place where there is a little more maturity.
Chill out alonzo ... Isn't Gordon dour?

He comes across that way but ive never met him. Not my point though.

If you agree that Gordon is dour why shouldn't I refer to him as the dour one?

Its immature in a Forum where we discuss things in the manner of adults, its hard to even listen to your points when you have childish names for people you dont like and completely takes away any chance or your points being taken seriously.

As far as i can see this has happened due to 'cost cutting', so i guess it was only a matter of time. Astonishing incompetence on the part of the individuals concerned. How can personal information on millions of people (including bank details) be put on a disk and 'lost' in the internal post??? And the result? Labour and Tories pointing their fingers at each other like children in a playground. Pathetic.

I'm now wondering if this situation may have an effect on the implementation of ID cards. I was in favour initially of ID cards, but if personal details can be lost so easily as has happened this week, i'm not so sure anymore.

I'm now wondering if this situation may have an effect on the implementation of ID cards. I was in favour initially of ID cards, but if personal details can be lost so easily as has happened this week, i'm not so sure anymore.

...you can do it Meerkat, join the millions who have, take one deep breath Meerkat, step away from the darkside into the sunlit uplands and breeth the sweet smelling air of freedom. Do it now :)

Its immature in a Forum where we discuss things in the manner of adults, its hard to even listen to your points when you have childish names for people
.... you mean like Zippy the Chimp, Front Porch, Capn Birdseye, Meerkat, Investordude, Lofter, to name but a few ......
Loosen up and chill out alonzo, theres a good fellow, there are far more important issues to discuss, like this title of this particular topic.

Very well, Id have thought everyone would get used to these blunders by now, they have been happening throughout my whole life in the Uk so IMO its nothing to do with the current government its just something that shouldnt happen but it does. That being said this is the biggest **** up Ive ever seen with the amount of people affected.

He's a little less flashy than Tony Blair, but I don't agree he's dour. Dick Cheney - now there's a guy who is dour. Gordon Brown actually remind me of Bloomberg in a sense - he's not exactly Mr. Exciting public speaker, but I think he gets his point across and actually does well in PMQs. My only problem with him (and its not my country or my business) is I really think the British people deserve a referendum on the EU treaty.

I dont know about the treaty, if we have the opt outs then whats the need?? As for him being dour, he actually seems pretty personable when you see him deal with people.

Blair Brown or even Thatcher, that wouldnt stop what happened from happening.

What about saying something interesting on the topic?

He's a little less flashy than Tony Blair, but I don't agree he's dour.
Gordon does dour believe me, there is no-one better at it. Must be his Scottish Presbyterian upbringing plus the fact he is a control freak with very poor communication skills - his administration has been described as "Stalinist", an apt description in my view.

My only problem with him (and its not my country or my business) is I really think the British people deserve a referendum on the EU treaty.
.... as promised in the Labour manifesto, a fact Gordon seems to conveniently forget! But then again who but a fool would believe anything this government says as "the truth" is always buried under a heap of lies spin and sleaze.

It's funny how Nick-Taylor has gone very quiet all of a sudden. I was so looking forward to saying "I TOLD YOU SO!" heh heh.Shock horror, I have a life meaning I can't respond to your post at your convenience! Something for you to try I might suggest ;)

As for this cock-up, its exactly that. From what has been said, regulations which were in place to stop this sort of issue were avoided/ignored and those directly involved at HMRC who sanctioned and acted upon this act should be put in front of a trial for what I consider a criminal violation of millions across the UK.

The bigger issue here is that there are far too many databases scattered across the country that allow far greater human interaction than is actually necessary. Instead one database would negate the requirement to send data across the country full-stop, and fewer people with access to the data makes it far more secure.

This whole problem reminds me of the 50mn records 'fouled up' in Japan earlier this year because of the exact same problem: too many databases with too much human interaction.