Forgot your password?
typodupeerror
Security Government Privacy News

UK Government Loses 15 Million Private Records 339

Posted by Zonk
from the that's-gotta-hurt dept.
bestweasel writes "The BBC reports that a UK Government department has lost discs with details of 15 million benefit recipients, including names, addresses, date of birth and bank accounts. The head of the department involved, HM Revenue & Customs, has resigned and his resignation 'was accepted because discs had been transported in breach of rules governing data protection' so someone thinks it's not a trivial matter. The Chancellor will try to evade responsibility in the House of Commons at 3.30 GMT. A similar leak of a 'mere' 15,000 records from the same department happened a month or so ago. At that time, they refused to say 'on security grounds' whether the information was encrypted." We just recently talked about Britain's consideration of legal penalties for situations like this. I imagine this incident will weigh on that decision.
This discussion has been archived. No new comments can be posted.

UK Government Loses 15 Million Private Records

Comments Filter:
  • 25 million now... (Score:5, Informative)

    by Sirch (82595) on Tuesday November 20, 2007 @12:27PM (#21421607) Homepage
    Or so says The BBC [bbc.co.uk]...
    • by Slashidiot (1179447) on Tuesday November 20, 2007 @12:29PM (#21421661) Journal
      Aiming for the World Record of record losing!
      • Weren't these the same idiots who just passed a law to "punish irresponsible data loss"? So I guess the rule is as always "trust us with your safety, even if we let the enemy into your house, keep waiting for us to save you, keep submitting, obey, and all will be well... we promise, you can trust us. Don't you dare do anything without permission. Trust us, we'll take care of you."

        And the results, as I'm forced to keep saying... "are very very visible, and completely predictable."
        • Re:25 million now... (Score:5, Informative)

          by Bloke down the pub (861787) on Tuesday November 20, 2007 @01:37PM (#21422791)

          Weren't these the same idiots who just passed a law to "punish irresponsible data loss"?
          No, that would be Parliament. The people who lost the data were HM Customs & Revenue. These are two different bunches of idiots.
          • Re: (Score:3, Interesting)

            by Archtech (159117)
            "No, that would be Parliament".

            True in theory. The facts of the matter are these:

            1. The UK parliament consists of two houses: Commons and Lords. By constitutional convention, the Lords cannot block legislation agreed by the Commons; they can only delay it for a while and urge them to think it through.

            2. Because the British constitution does not separate the legislature from the executive branch, the Prime Minister is the leader of the party with a majority in the Commons. That means that the Commons becomes
        • by Black.Shuck (704538) on Tuesday November 20, 2007 @03:26PM (#21424721)

          Weren't these the same idiots who just passed a law to "punish irresponsible data loss"?
          The data isn't lost. It's just been inadvertently shared.
    • Re:25 million now... (Score:4, Interesting)

      by ilovegeorgebush (923173) on Tuesday November 20, 2007 @12:31PM (#21421685) Homepage
      Indeed. I was going to post the same thing. I'm absolutely shocked they could be so careless. Apparently, it was sent via normal post, without recorded delivery. There's a full summary from the BBC on Alistair Darling's announcement here [bbc.co.uk].

      Of particular interest is the fact that it was sent twice. Once again, by recorded delivery, after the initial package was lost in transit.
      • Re: (Score:3, Interesting)

        by Billosaur (927319) *

        How can you be shocked? This is government we're talking about... doesn't matter the country. As soon as you give one group of people anywhere the power to run the whole show, they break down into three categories:

        1. Power Brokers - the people who actually run things (and not necessarily having been elected to do so)
        2. Bureaucrats - the paper pushers, who created the red tape that keeps anyone from actually know what's going on or where the money came from/went to
        3. Grunts - the people who do the actual work, u
      • Three times! (Score:5, Insightful)

        by Dr_Barnowl (709838) on Tuesday November 20, 2007 @12:49PM (#21422023)
        The first time this happened was in March - the discs were not lost, and were returned to sender after use, not that that actually makes any difference, since the data could easily have been copied.

        The real WTFs here are
        • That the database was being sent in it's entirety to the audit office when they only asked for a sample.
        • That the whole data was sent when they only wanted a subset of the fields.
        • That junior officers in the civil service have enough access to dump entire databases.
        • That they trusted a third-party courier instead of delivering it by hand.
        • That the files were "password protected", which is clearly code for "not encrypted properly" (probably a ZIP file..).


        Ok, it's probably worse than that though.
        • by caluml (551744)

          That the files were "password protected", which is clearly code for "not encrypted properly" (probably a ZIP file..).
          Although doesn't WinZip now use AES for its encryption - which is perfectly adequate for symmetric (password) encryption.
          • by caluml (551744)
            Replying to myself, but yes, it does. WinZip AES [winzip.com]. Better than nothing. (Assuming they used WinZip). Hope they're not meaning a "hold the Shift key down while opening the Access Database 'password'"
            • by Anonymous Cowpat (788193) on Tuesday November 20, 2007 @01:07PM (#21422325) Journal
              no no, why would you think that the people in the UK government would be that incompetent? The files were no doubt secured with a 30 character password, with no dictionary words or contiguous number sequences, a mixture of capitals and lower-case, numbers & other characters with not a single person's mother's maiden name in sight. Obviously, with such a complicated password, it would have to be included on a post-it note with the disc so that the audit office could actually use them.
              • by imipak (254310)
                yeah, they think "out of band" is what happened to Brian Jones and Roger Waters...
          • AES is a fast algorithm, making it fast to crack the password if it wasn't long enough.
        • by Ed Avis (5917)
          Also - that they were sending it by post at all instead of transferring it electronically (encrypted of course)...
      • by johnw (3725)

        Apparently, it was sent via normal post, without recorded delivery.

        Not quite - it was sent by an internal courier service, provided by TNT. It seems however that the service did not include step-by-step tracing of the package's progress and TNT don't know what they've done with it.

        Had it been sent by normal post, it would make absolutely no difference whether it had been sent by Recorded Delivery or not. Recorded Delivery just gets you a signature at the point of delivery, so that if there's a dispute at a later date you can prove (up to a point) that the item arrived.

      • by imipak (254310)
        That's just the (obvious) tip of the iceberg. The real question is how was one person able to "download" (export) the entire contents of the database? Do the phrases "access control", "separation of privileges", "log reviews", "business rules", "sanity checks", and dare I say "access entitlement review" mean anything at all over there?!

        (Obviously not yet... but I suspect a whole lot of ISOification, COBITisation and ITILement will heading their way real... soon... now. I wouldn't wish that on my worst ene

    • Poor Alistair.

      He's having a shit week, what with Northern Rock potentially costing taxpayers half a billion, and now this fiasco.

      How do you lose 15 million sets of personal data in the post?

      Don't the government have couriers for this sort of thing?

      However, I don't think he'll be doing the honourable thing and resigning - none of these second-rate ministers ever seem to take responsibility for anything done under their 'leadership'.

      The only time they resign is when they're caught shagging or with suspect fin

      • Re: (Score:3, Interesting)

        by cliffski (65094)
        half a billion? no way more. heres what vince cable had to say:

        "As we stand at present, every taxpayer in Britain has something approaching £900 of their money at stake in this small mortgage bank following the £24 billion loan (which excludes the less controversial £18 billion in deposit guarantees).

        When Tony Blair was Prime Minister he was widely and rightly criticised for squandering £800 million on the Millennium Dome. This Prime Minister and this Chancellor have invested the eq
        • For crying out loud (Score:3, Informative)

          by Colin Smith (2679)

          heres what vince cable had to say:

          "As we stand at present, every taxpayer in Britain has something approaching £900 of their money at stake[1] in this small mortgage bank following the £24 billion loan (which excludes the less controversial £18 billion in deposit guarantees).

          You and Vince Cable need to go learn where money comes from.

          It's a bank loan from the central bank. Not a penny of money you have paid in tax has been given to Northern Rock. Not a penny of government borrowing has been given to Northern Rock.

          [1]I'm a LibDem supporter and I don't like Fractional Reserve Banking but this is just complete bollocks. Vince clearly has no clue where this money comes from, which I find almost as worrying as the fact that the Chancellor of the Exchequer also continually refers to

          • by cliffski (65094)
            please explain where this money came from?
            • by Colin Smith (2679)
              From the pen of the governor of the Bank of England. He created the money. From nothing. By writing it down in a ledger...

              Or rather, these days, he typed it into a computer screen, so literally, from his finger tips.
               
          • by imipak (254310)
            Enlighten me please, I thought I knew basic economics and I certainly thought it was "taxpayers money". What other sources of income has the government got? (Yes-yes, bonds and whatnot, but those bits of paper only have value because they're worth more than their face value. Where does the interest or dividend or whatever it's called come from, or rather where does the Treasury get it from?)

            I understand that tax doesn't get paid into a single large government bank account, from which they have removed this

            • by Colin Smith (2679)

              Enlighten me please

              The Bank of England simply created the money as an entry in a ledger. Then gave it to Northern Rock, they took NR's mortgages as collateral for the associated debt. This is what banks do.

              They can just 'print' it of course but that's just devaluing the currency currently in circulation.

              Yes, basically, that's what loans do. These £24 billion loans would be inflationary if they weren't primarily replacing already existing loans from other banks which are no longer willing to lend on the money markets.

              At no point did any of this money pass through the government coffers, the taxpayer didn't contribut

        • Re: (Score:3, Informative)

          by segedunum (883035)

          "As we stand at present, every taxpayer in Britain has something approaching £900 of their money at stake in this small mortgage bank following the £24 billion loan (which excludes the less controversial £18 billion in deposit guarantees).

          I hear this bandied about time and again, but there is no way the BofE handed over £24 billion to Northern Rock. It doesn't have £24 billion of loose change for a start, and it isn't taxpayer's money. What will have happened is where the BofE

      • by Znork (31774)
        "How do you lose 15 million sets of personal data in the post?"

        I dont find it the least surprising. I find it more amazing that anyone can actually believe this isnt an everyday occurance; they must never have worked in either IT or a government run organization.

        The only surprising part is that a) it actually reached someone that high and b) that someone in the middle didn't immediately slap a 'national-secrets cover your ass and throw anyone blabbing in jail' order all over it. There must have been a drast
    • by MrAndrews (456547) *
      Yes, but only 15 million of them are part of the government program to help the Russian economy [pttbt.ca]...
  • by Nursie (632944) on Tuesday November 20, 2007 @12:28PM (#21421639)
    And the government will give itself a nice fat getout clause so that it's immune when it loses everyone's data, but any company or individual outside the government is in trouble.

    Just watch and wait.
    • by paeanblack (191171) on Tuesday November 20, 2007 @12:50PM (#21422033)
      At that time, they refused to say 'on security grounds' whether the information was encrypted.

      That should read 'on job security grounds' ...
    • Perhaps this is just a cover up for a government worker selling data to a company.
  • by ditoa (952847) on Tuesday November 20, 2007 @12:29PM (#21421651)
    With a nationwide DNA database? Please. They can't be trusted with anything.
  • Hm, must be something in the English-Metric conversion, because TFA says there's 25 million lost.

    Anyway, Names and phone addresses aren't really that hard to get, but to have your bank account information compromised must SUCK.

    Of course, banks should require more than that to allow a withdrawal. Its a lot easier to put money into an account than to take it out.
    • by pev (2186)

      Hm, must be something in the English-Metric conversion

      Eh? The English have been using the metric system for a very long time now - do you mean Imperial to Metric conversion?

      ~Pev
      • by profplump (309017)
        It seems unlikely that people who complain about their weight in stones being related to the beer consumption in pints, while driving their cars at the posted 60 MPH speed limited would be considered to be using the metric system.

        For all practical purposes, the English are still using the Imperial (that's Imperial England mind you, so your correction is rather indistinct anyway) system, and will likely continue for the foreseeable future. In the past few years they've declared that certain types of trade go
  • by Gandalf_the_Beardy (894476) on Tuesday November 20, 2007 @12:33PM (#21421713)
    15,000 records for the pension provider and now somewhat like a third of all peopl in the UK sent on what appears to be unencrypted discs. When I queried this with Standard Life they said that they had no choice but to accept the data like that and that the Govt refused to encrypt it. This being the same Govt that wants to hold all of our medical records in one national database, along with all of the ID card details. For the US peope reading, the National Insurance number is synonmous with your SSN, although not of quite as much use for fraud. It's still not something that you want to allow out into the wild.
  • by Vanders (110092) on Tuesday November 20, 2007 @12:34PM (#21421735) Homepage
    The fact that 25million records were being sent via. post burnt on DVDs should give some idea of the level of technical competency in the public sector. Apparently they were being sent to the Audit Office, but why the Audit Office needed an off line copy of the data, and a complete copy at that, isn't addressed: no doubt some ridiculous bureaucratic idiocy that makes Brazil look sane.

    The idea of burning an unencrypted copy of your sensitive data to a DVD and handing it to a random delivery company should horrify even the most incompetent sysadmin or DBA. Apparently no one in HM Customs & Revenue thought anything of it.

    These are the sorts of people who want to build a massive database of all our personal details and tie them to ID cards. They tell us the data will be "perfectly safe". I wouldn't trust them to run a mail server.
    • Re: (Score:2, Informative)

      by catmandi (995992)
      The audit office specifically asked that they be sent only the national insurance numbers - with ALL personal data removed. This was very clearly stated in the debare in parliament. Their requirements for the data apprear to have been in order to set up an auditing algorithm that would allow them to then go on site and inspect the records. They felt (quite fairly I would argure) that the only impartial way to set up the audit would be to pick numbers at random, without any other information about what the n
    • by jesterzog (189797)

      The fact that 25million records were being sent via. post burnt on DVDs should give some idea of the level of technical competency in the public sector.

      Actually I'd say it's representative of the competency of large organisations in general. Just think about how easily your email address gets around once you've given it to a few companies who say they'll never disclose it. The fact that government entities tend to deal more with information about people whom the government governs, that they're not suppo

    • by Cheesey (70139)
      The fact that 25million records were being sent via. post burnt on DVDs should give some idea of the level of technical competency in the public sector.

      I worked at a large software corporation a few years ago, and was amazed to discover that master CD images were sent to the duplication plant by courier. To this day, I do not know why. The duplication plant was owned by the same corporation and was connected to their global intranet along with the office I was working at. Sending the files electronically w
  • Oh wow. I wonder who is behind the lost records?
  • by digitaldc (879047) * on Tuesday November 20, 2007 @12:37PM (#21421807)
    Didn't anyone learn ANYTHING from the last 5,000 years of record keeping?
    • Re: (Score:3, Insightful)

      by Billosaur (927319) *

      Yes... destroy all the records! Leave 'em guessing!

      Seriously, it's preposterous to talk of data retention strategies and forcing people to be part of national data banks when there's absolutely no talk about how you're going to make it secure. I would like to think a data center where personal data for users/citizens is kept would be run more like Fort Knox than the McDonald's Drive-Thru.

    • by larien (5608)
      It's marginally misleading - I read it as "lost, gone forever", but it sounds more like they sent a copy of the data to another department and it disappeared somewhere in the post.

      Not quite as bad, but still very careless and possibly in violation of data security laws.

  • by owlnation (858981) on Tuesday November 20, 2007 @12:41PM (#21421869)
    We've been heading towards the totalitarian Peoples Democratic Republic of (formerly Great) Britain for some time now. This kind of thing is actually encouraging.

    In a country where you are watched by security camera most of the day, and can be detained without charge for longer than anywhere on Earth, it is reassuring to note that the UK Government is so incredibly incompetent that there will always be a way to escape. No need for tunnels, gliders, or under the floor of a Trabant -- it should be pretty much possible to just walk through the border with a library card altered in crayon.

  • by lena_10326 (1100441) on Tuesday November 20, 2007 @12:46PM (#21421949) Homepage

    At that time, they refused to say 'on security grounds' whether the information was encrypted.
    Then it wasn't. If it had, the first thing out of their mouths would have been "relax, it was all encrypted".
  • This is from the bureaucracy that thought putting confidential personal details in a public folder on a web server was secure as long as they didn't tell anyone they were there:

    http://www.channel4.com/news/articles/society/health/exclusive+junior+doctors+details+exposed+online/469137 [channel4.com]

    and that's currently £6.2bn over budget on implementing a medical record database:

    http://www.theregister.co.uk/2006/06/16/nhsit_budget_overrun/ [theregister.co.uk]

    Why are UK government IT projects always doomed to failure?
    • Re: (Score:3, Insightful)

      by RegularFry (137639)
      Why are UK government IT projects always doomed to failure?

      Because civil servants have no idea how to protect themselves from getting shafted by software suppliers, and no financial incentive to learn, essentially. Also, the government has an extreme aversion to suing its suppliers, so the same suppliers do the same thing every time.
    • by ditoa (952847)
      Because MP's are not IT project managers and they don't employ skilled IT project managers. They treat all projects as the same so you get somebody who thinks they know about computer as they once wrote an Excel macro and give them some fancy job title.
  • Oh please. (Score:4, Insightful)

    by Harold Halloway (1047486) on Tuesday November 20, 2007 @12:59PM (#21422191)
    "The Chancellor will try to evade responsibility..." In what way could be held responsible? The data was copied and sent in clear breach of the agency's (and the Government's) rules. The last time I checked, it wasn't the Chancellor's responsibility to monitor personally all packages sent by Government agencies. Had the security breach happened due to actions which did NOT breach any rules then I might agree with you, however this is not the case here. Put it this way: If ministerial resignation (and that is what you are implying should happen) is to follow every breach of security then that is a green light to every ne'er-do-well and Tory malcontent working in Government to start posting confidential data left, right and centre.
  • by MrSteveSD (801820) on Tuesday November 20, 2007 @01:33PM (#21422721)
    At some point, if the UK government gets its way, everyone will have their DNA and fingerprints stored in a central database. How long will it be before some backup hard drive goes missing with all the data?
  • by ZorbaTHut (126196) on Tuesday November 20, 2007 @01:40PM (#21422837) Homepage
    Did they look behind the couch?

    That's where I always lose things.

    They might be there.
  • It wasn't the government, it was HMRC Her Majesty's Revenue and Customs - for the constitutionally challenged, this is a non-political part of the apparatus of the state. Secondly, Darling's commons statement (which I watched) included the minor detail that it's 25 million, not 15 million.

    Speaking as a security professional, this is fantastic news. I seriously doubt anyone's data is really at risk (the discs are almost certainly down the back of the metaphorical sofa, not in the hands of Dr Evil.) However

  • Wow...I'm not surprised at all. What fools. In my own code of ethics I'm very very very lenient on just about everything in a "as long as it doesn't hurt anybody else do as you will". Yet, not only is it hurting people, but this is from someone who has made it their work to handle other people's lives in their hands.
    Moron.
    He should have to pay for what it takes to help these 25 million or 50 million or however many people get their lives back in order.
    Himself.
  • Just think, how many of similar 'data losses' have happened in the last 2 years ? and i mean 2 years, not 3, 4, 5 or 6. Discs have been in use since 1995, top level govt. organizations have been using various backup mediums even before then, yet, there is an inexplicable boom of 'record theft/loss' in the last 2 years. in u.s. a few times, in u.k., 2 times.

    some sh*t is happening. so many 'coincidence' in a small time period means there are no coincidences involved.
  • Thankyou for responding to my the very generous proposal. The money will be put into your bank accounts very soon, but please to be sending password for this 'zip file' which you have sent. Or please to be sending me the sum of $30 for a shareware for opening this files. I await your happy response with great anticipations and to look forward to putting the monies into bank accounts. Yours, Mr Ongbgudgbu Bungongdgogi
  • Although this is a monumental cock-up, I am not that surprised. HMRC is a recent merge of two big heavyweight Government agencies - Inland Revenue and Customs and Excise. If that wasn't hard enough to deal with, during the last year or so, the Government has decided that there are too many civil servants (might well be true) but has simply decided to lay off huge numbers of employees with little consultation of forethought as to how the work would continue under the same pressures and targets. Let's not
  • by ewhenn (647989) on Tuesday November 20, 2007 @07:50PM (#21428813)
    Look... It's not going to help prevent authorized access by keeping it secret.

    If it's not encrypted, when the files are opened it will look like (or something really obvious):
    Joe Public DOB: xx-xx-xxxx 12345 Main Street .... balh blah blah..

    If it is encrypted it will look like:
    982n5o39y8h5014u9m9p!#$`15235098h14n12#$!@3476bwfSFR2387rn@!#12987ksafdkjD

    It doesn't take a fucking genious to figure out if a file is encrypted or not. And its not like they are going to told what alog it is encrypted with if it is encrypted. I can see no reason NOT to tell the public if the data is encrypted or not, so the public knows what kind of precautions or steps may be needed to protect their identity.

The flow chart is a most thoroughly oversold piece of program documentation. -- Frederick Brooks, "The Mythical Man Month"

Working...