twooks Posted November 20, 2007 Share Posted November 20, 2007 Apparently yet another government database has gone wonky [techie term] just 25 million names and details apparently 'gone missing' contents name address NI number bank details and they want our full details and DNA for their ID cards to protect us B-) http://news.bbc.co.uk/1/hi/uk_politics/7103566.stm Link to comment Share on other sites More sharing options...
michele Posted November 20, 2007 Share Posted November 20, 2007 I don't think so :-( Link to comment Share on other sites More sharing options...
GJH Posted November 20, 2007 Share Posted November 20, 2007 As a former Data Protection Officer I'll be interested to see how this story develops because there are a lot of questions about procedures and training and how they are implemented and controlled within government departments (including any relationships with sub-contracted companies). At least if it knocks the ID cards plan on the head it will have one good outcome. Leaving aside the debate as to whether having ID cards is desirable or not, the factor which is demonstrated time and again is that central government is unable to implement adequate security measures. Graham Link to comment Share on other sites More sharing options...
KD Posted November 20, 2007 Share Posted November 20, 2007 the problem is this news story really isnt funny. it could any of us with children Link to comment Share on other sites More sharing options...
malc d Posted November 20, 2007 Share Posted November 20, 2007 K&D - 2007-11-20 8:33 PM the problem is this news story really isnt funny. it could any of us with children As I understood it ,it is everybody with children. It really is a worry who is running these government departments these days. They don't even seem to have common sense. The government claim that ID cards will protect our identities, but I can imagine three different people all claiming to be me applying for one ! Link to comment Share on other sites More sharing options...
Forester Posted November 20, 2007 Share Posted November 20, 2007 What i dont understand is why was it being downloaded!! Link to comment Share on other sites More sharing options...
Mel B Posted November 20, 2007 Share Posted November 20, 2007 Well ... if you lot will reproduce you deserve everything you get! (lol) (lol) (lol) (lol) Link to comment Share on other sites More sharing options...
twooks Posted November 20, 2007 Author Share Posted November 20, 2007 Mel B - 2007-11-20 9:11 PM Well ... if you lot will reproduce you deserve everything you get! (lol) (lol) (lol) (lol) mixing it in style tonight Mel B :-> :-> :-> get ready to duck the flack >:-) you can always hide out here - no-one can ever find us *-) B-) Link to comment Share on other sites More sharing options...
GJH Posted November 20, 2007 Share Posted November 20, 2007 IT'S ME - 2007-11-20 9:05 PM What i dont understand is why was it being downloaded!! The main problem is that the full database should not have been downloaded. The National Audit Office genuinely need details of Child Benefit payments to ensure that the system is working properly. However, they do not need details of who payments are made to and any personal data associated with the payments. HMRC should have ensured that a file was created containing only the information required by the NAO. The problem is - and there is no excuse for it ever happening in any organisation - that people are either not trained in Data Protection responsibilites or ignore their training and take the easy way out by just copying a database instead of creating an extract. To me, one of the glaring faults is shown up by Alastair Darling's statement that the data "was sent to the NAO, by HMRC's internal post system operated by the courier TNT". The fact that the system is operated by TNT means that it is NOT an internal system. In my experience this sort of sub-contracting, where direct management is relinquished, is an area where security breaches are most likely to occur. Graham Link to comment Share on other sites More sharing options...
michele Posted November 20, 2007 Share Posted November 20, 2007 Well I'm bloody livid last week his card was being used in the Philapines now this bloody great ......... Link to comment Share on other sites More sharing options...
malc d Posted November 20, 2007 Share Posted November 20, 2007 If the National Audit Office wanted to audit the Revenue people in Newcastle they should have gone up there to do it, then there would have been no risk of data being lost in transit. Link to comment Share on other sites More sharing options...
michele Posted November 20, 2007 Share Posted November 20, 2007 Silly bloody Geordies :D Link to comment Share on other sites More sharing options...
malc d Posted November 21, 2007 Share Posted November 21, 2007 michele - 2007-11-20 11:55 PM Silly bloody Geordies :D Steady now Michelle. It might not be the fault of a Geordie. Link to comment Share on other sites More sharing options...
CliveH Posted November 21, 2007 Share Posted November 21, 2007 Similar problem occurred with data being sent back to Standard Life from HMC&E. The info was provided by Standard Life and they did this following the rules as Graham above describes. Only 15000 individuals at risk that time. But when HMC&E sent the data back, they just gave a disc to a courier, and the disc went missing. If this and the latest debacle does not knock the whole issue of identity cards on the head then nothing will. It tells us all that however "safe" a system is, the weak point is always an individual or individuals who are either lazy or stupid, or have a motive to obtain the information. Consider the system itself as well, set up on the basis of the lowest cost tender and manned by people on low salaries. Just ripe for abuse. Link to comment Share on other sites More sharing options...
GJH Posted November 21, 2007 Share Posted November 21, 2007 CliveH - 2007-11-21 6:07 AM Consider the system itself as well, set up on the basis of the lowest cost tender and manned by people on low salaries. Just ripe for abuse. This is certainly the cause of some errors. Unfortunately, however, I have known problems caused by very senior officers who don't like regulatory legislation getting in the way of shortcuts they wish to take. Graham Link to comment Share on other sites More sharing options...
GJH Posted November 21, 2007 Share Posted November 21, 2007 malc d - 2007-11-21 12:33 AM michele - 2007-11-20 11:55 PM Silly bloody Geordies :D Steady now Michelle. It might not be the fault of a Geordie. True. It appears from the timeline published by the BBC Here that the problem has been ongoing since at least March. At the time the current Chancellor's predecessor was responsible for HMRC. Perhaps the resignations of both the current and previous Chancellors are called for? >:-) Graham Link to comment Share on other sites More sharing options...
CliveH Posted November 21, 2007 Share Posted November 21, 2007 I am certain you are correct Graham - I have no doubt that some senior bods will want to make "shortcuts". I would suggest that this is what happened in this latest case. I have no doubt that the poorly trained junior who put the discs in the post will get all the flack whilst the managers that allowed it to happen will get moved sideways or even upwards. Pay peanuts??? But my concern is also that a criminal getting a job in a data processing dept to actively take data could obtain the data without anyone knowing. With our Governments reliance on the accuracy of such data and no "evidence" that it has been corrupted - does anyone fancy trying to prove innocence when the system "proves" otherwise?? As an IFA now dealing with HMC&E on a number of cases where they are now saying that several of my Self Employed clients (including myself) have not paid any NIC for 2006/7 when they clearly have and can prove it, imagine the frustration of being told "Well our systems say that you haven’t paid!" - Proving that we have all paid is time consuming and bloody frustrating. The attitude of the last person spoke to about it was that we should just pay the amount they say is "missing" and the problem would go away. And I am sure it would, but we have already paid. "Catch 22" is alive and well and resides with HMC&E (and no doubt many other Government departments). God help us if we ever have to rely on people and systems like that for identity checks/cards. Link to comment Share on other sites More sharing options...
GJH Posted November 21, 2007 Share Posted November 21, 2007 I would hope that the responsible managers are taken to task Clive but I'll not 'bate me breath :-D I wish you luck in proving your case re NI. I worked in IT for more than 30 years before moving over to Data Protection etc so I've seen a number of examples of the problems you are facing - one reason why I shy away from Internet banking and on-line filing of tax returns etc. Graham Link to comment Share on other sites More sharing options...
michele Posted November 21, 2007 Share Posted November 21, 2007 malc d - 2007-11-21 12:33 AM michele - 2007-11-20 11:55 PM Silly bloody Geordies :D Steady now Michelle. It might not be the fault of a Geordie. Its ok I am a GEORDIE Born & Bred :D Only playing its the govnerment I would suggest that this is what happened in this latest case. I have no doubt that the poorly trained junior who put the discs in the post will get all the flack whilst the managers that allowed it to happen will get moved sideways or even upwards. Put this man in Charge. :D Link to comment Share on other sites More sharing options...
Tony Jones Posted November 21, 2007 Share Posted November 21, 2007 malc d - 2007-11-20 11:42 PM If the National Audit Office wanted to audit the Revenue people in Newcastle they should have gone up there to do it, then there would have been no risk of data being lost in transit. Probably didn't know where it was, or didn't fancy a jolly up there. Tony Link to comment Share on other sites More sharing options...
CliveH Posted November 21, 2007 Share Posted November 21, 2007 Very wise Graham. Last year we were each surprised to receive a £100 late reporting fine from the revenue for our Partnership return. As this had been submitted with our personal returns and we hade a receipt we were understandably concerned ay this and appealed. We thought the appeal was successful as we had a letter and an invoice type statement showing that the £100 fine for each of us no longer applied. Two weeks later we each get a letter showing that our personal tax bill had been underpaid by!!!!!! - you guessed it! - £100 More phone calls. And bear in mind that our Partnership return is dealt with by one Revenue office and our personal details by another. In the end I got hold of a really helpful lady who was able to go into the system and see what had happened. She found that our Partnership Return had been received and logged therefore the two fines of £100 applied to each of us was incorrect. It was also incorrect because only one £100 fine should have been applied even if we had submitted a late return, not two - one to each partner When I appealed, rather than deleting the fine, the person who wrongly applied not one but two fines for a Partnership return that they could not be bothered to find, this individual actually paid the "fine" he had wrongly applied by taking £100 each from our personal Inland Revenue Accounts. Hence the letters to us saying that we had each underpaid by £100, despite our being able to prove that we had paid the full amount and had copies of the cheques and bank statements to prove it. I got it sorted in the end but it took a long time and at each phone call I was told "Our system cannot be wrong- just pay the £100 and the problem will go away!" Only when I insisted on talking to a supervisor did I manage to get anywhere. Link to comment Share on other sites More sharing options...
CliveH Posted November 21, 2007 Share Posted November 21, 2007 Sorry - wrong "bear" - must be my sore head. Meant to add that the person who "fiddled" our account was reprimanded apparently and sent for "re-training". Link to comment Share on other sites More sharing options...
malc d Posted November 21, 2007 Share Posted November 21, 2007 Tony Jones - 2007-11-21 9:04 AM malc d - 2007-11-20 11:42 PM If the National Audit Office wanted to audit the Revenue people in Newcastle they should have gone up there to do it, then there would have been no risk of data being lost in transit. Probably didn't know where it was, or didn't fancy a jolly up there. Tony In my office days the auditors came in and scrutinised whatever they wanted to look at, we didn't send them something that WE wanted them to see. It seems to me the National Audit Office need to review their procedures as well. It also worries me that so many people think that if one or two politicians resign the problem will go away. We've had quite a turnover of Home Secretaries in the last few years but there's no obvious improvement in that dept. Link to comment Share on other sites More sharing options...
parkmoy Posted November 21, 2007 Share Posted November 21, 2007 Without downplaying the seriousness of this in any way, don't the media make a real meal of it? I'm just watching Sky News and I think it's the worst type of scaremongering. You'd think they had hard evidence that the disks were in the possession of master criminals who were busy creating false identities for everyone in the country and we were all going to be defrauded. Sensible advice about precautions yes, this sort of exaggeration, no. Link to comment Share on other sites More sharing options...
CliveH Posted November 21, 2007 Share Posted November 21, 2007 Tend to agree about the media hype on most things but no one should underplay the seriousness of this. The information on that disc includes everything someone needs to rip you off by pretending to be you. Any intelligent criminal would simply wait a few months then test the water with the data he or she now has. No, of course a criminal would not suddenly nick the identity of the thousands of people on the disc. That would draw attention to them. They will wait a few months or even years and then start. They know how NOT to draw attention to themselves. If it is in the hands of criminals (and let's hope it is not) then basically if people do not change their bank account details then they need to look at their accounts on a daily basis from now on. Not just for the next week or so but long term. My advice if you have children and are therefore on these discs is to open up another account ASAP and close down the one you had your child benefit paid into. And that in my view is not hype - it is simply being prudent. With all the hype - even if these discs now turn up! - I would put a £ to penny that they have, by now, been copied. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.