http://www.timesonline.co.uk/tol/news/uk/article2910705.ece By Philip Webster Political Editor Sean O’Neill and Rhys Blakely The Times November 21, 2007 The sensitive personal details of 25 million Britons could have fallen into the hands of identity fraudsters after a government agency lost the entire child benefit database in the post. A major police investigation is being conducted after Alistair Darling, the Chancellor, admitted yesterday that names, addresses, birth dates, national insurance numbers and bank account details of every child benefit claimant in the country had gone missing. The confidential material is on two CDs that were placed in the post by a junior employee at the HM Revenue & Customs office in Tyne & Wear more than a month ago and have not been seen since. The Chancellor and the Prime Minister have known about the loss since November 10 but there were concerns last night that the police were not told for a further five days and the banking industry was not alerted until last Friday. The catastrophic breach of personal security led to the resignation of Paul Gray, the chairman of HMRC, and called into question the Government’s competence, especially its ability to manage an ID card system in the future. No evidence of criminal activity has been detected but Scotland Yard has appointed an expert in organised crime to head the investigation. Acting Assistant Commissioner Janet Williams is heading a team of 12 officers who are combing Government offices for the lost data. The Serious Organised Crime Agency is also advising on the potential criminal abuses of information about the identities and finances of 7.25 million British households. Equipped with such detail, identity thieves could plunder bank accounts, obtain credit cards and take out fraudulent loans. Households were advised last night to monitor their bank accounts carefully for signs of irregular activity and, if necessary, to obtain credit reports. The banking industry has upgraded its fraud detection systems to keep a constant watch on all accounts into which child benefit is paid. Bankers reacted angrily to a suggestion by Mr Darling that he had delayed his announcement because the financial sector was “adamant” it needed time to prepare. A senior City source said: “By 9.30 on Monday we were ready to run. It is hard to fathom why any suggestion was made that any delay was down to us.” Mr Darling told the Commons that the information should never have left the HMRC offices and its transfer in unregistered mail was against all procedures.He said the missing data was not enough in itelf for someone to access an account for fraudulent purposes because passwords and pin numbers were required. But he apologised to the country for what he described as an “extremely serious failure on the part of HMRC to protect sensitive personal data entrusted to it.” Richard Thomas, the Information Commissioner, said: “This is an extremely serious security breach.” __________________________________________________________________ Visit InfoSec News http://www.infosecnews.org/
This archive was generated by hypermail 2.1.3 : Wed Nov 21 2007 - 00:23:58 PST