British Government Apologizes for Data Mishap

Prime Minister Gordon Brown tried to reassure Britons their personal details were safe Wednesday after the one of the biggest security breaches in the country's history left millions of people exposed to identity theft and bank fraud. Two computer disks that went missing while being sent from one government department to another contained names, addresses, birth dates, national insurance numbers and - in some cases - banking details for 25 million people, nearly half the country's population. The disks were password protected but the information on them was not encrypted, officials said.


"I profoundly regret and apologize for the inconvenience and worries that have been caused to millions of families that receive child benefits," Brown told the House of Commons. "We have a duty to do everything that we can to protect the public." Brown said he had asked security experts to work with government departments to check their procedures. He said the information commissioner also would be given the power to carry out spot checks on government departments. The Prime Minister said he stood by Treasury chief Alistair Darling, who revealed the lapse at Britain's tax and customs service.

View: Full Story on SiliconValley.com

Report a problem with article
Previous Story

Bioshock Dev: DX10 Offers Nothing To Gameplay

Next Story

Sony BMG and Yahoo Ink Online Video Deal

24 Comments

Commenting is disabled on this article.

What amazed me is how long this story took to get to the news. Some people I was at a firework display with, on the 5th of November, were talking about it then.

were you near HMRC headquarters perhaps?
Otherwise I'd be very surprised if that wasn't about one of the previous security breaches, going on the timeline involved.

Are you sure that it was the 25 million records lost, and not the 25,000 Standard Life records lost that was publicised around that time?
If it was the 25 million how did they know before a) the banks, b) Parliament unless whoever you heard it from was leaking it from HMRC. In which case, why hadn't they leaked it to the press, rather than some conversation at a firework display?

Not really sure how this could even be possible. My department (Department for Work & Pensions) never uses optical media for the transfer of data, we have systems nationwide on the Government Secure Intranet for such things.

Really messed up that this managed to happen, and incompetency is clearly evident here.

I really, really dispise the way that how all the conservative supporters shout as loud as they can when something happens like this. It's sentences like " Buffon Brown" and "Dweeb Darling" that really make me shudder.
I'm by no means in support of Labour however I'd prefer to be having proper discussion on the topic than a slagging match.

Get off your silver lined middle class cloud already.

I don't follow any political party; these are facts, not something made up to lower the tone of morons.

My fiances, my details and my two kids details are on those disks.

Lets change this a bit, now look at what they said, 'we will underwrite any loss', the same as they are taking
£900 of my taxes to underwrite Northern Rock.

Excuse me, when you invest in a company you expect in the worst circumstances to lose money.

So why are they funding Northern Rock?

That is upto the management and share holders to sort out their problems, not me the tax payer.

So don't come on with the 'conservatives getting stuck into labour'.

Labour are strumps, nothing more or nothing less.

leesmithg said,
Get off your silver lined middle class cloud already.

That comment made me laugh however you have no idea what you're talking about!

Anyway, it's a massive issue and the government are at fault. I'm not disputing that. What i'm saying is that there is no point in childish name calling to push that persons political stance. It degrades from any valid argument they might have.

If it wasnt so serious it would be hilarious

Best bit was our "Darling" stating two things

1) There is no evidence to prove that criminals have this information......(HOW DO YOU KNOW YOUVE LOST IT!)

2) The personal data on the disks contain social security numbers, bank account details, dates of birth and names and addresses of all children & parents, to then say but this alone is not enough to gain access to the accounts.......no but its plenty enough to commit credit card fraud!!

Working in IT im quite literally gobsmacked this could even happen, time to sack all those involved and employ a family of chimpanzees to replace them!

These are the same single celled organisms that were to hold and maintain the ID card database................enough said, hopefully this latest episode should be enough to kill off the ID card nonsense once and for all!

Incompetent fools who shouldnt be allowed to be car park attendants never mind in the social services!!!

The package was sent in the state's internal post — and was neither recorded nor registered. The value to organised crime of the information on the two "lost" discs is incalculable — but certainly runs into hundreds of millions of pounds. The government, of course, blames junior officials for a failure to follow protocols.

But it simply should not be possible for junior staff — or the chancellor himself — to collect or copy such details in one place. That it is, is a direct result of the government's obsession with centralised databases and its contempt for citizens' privacy.
http://www.no2id.net/

Half of the population has been exposed to potential fraud and identity theft.

Non-encrypted files on a cd rom disk with the password probably being 'password', 'jones', 'pizza', 'gay' or something a cracker can decipher in minutes.

This government should step down now.

They employ 1,000's of ICT advisors, that are yes men and women.

We still end up expossed.

They also want us to pay £300 for id cards also!

They could have sent the information via a secure encrypted wire in minutes, but NO, they buggered it up with
unsecure methods.

ROLL ON THE REVOLUTION PEOPLE!

Aren't we missing the big picture..."disks" I thought they were just for installing software from...

What happened to secure VPNs and network based storiage. Why is data being carried arround in a none-centralised form? - Public sector investment very rarely focuses on behind the scenes infrastructure. Why? Because the tax payer doesn't like the idea of their money being invested in none tangeable (or I concede, simply recoginisable) results.

Seriously, investment in local (by local I mean departmental or organisational rather then national) infrastructure is always last on the list compared to erecting a new parc bench for the local hoodlams to hand out on.

I'm not sure if all the money in the World was appropriated to security that it would be done properly. Governments should just be banned from going near a computer.

thanks crown... well good ole idiot gorden is forcing us to joing the eu constitiution crap which i already hate him for, now this which has my details in it... some day someone is gonna snipe him or something, do it quick so we dont have to suffer

They've broken just about every basic rule of protecting peoples personal data there is. Don't give some junior numptey access to tons of sensitive data, and certainly don't allow them to burn it a disc totally unencrypted and send it via an unrecorded courier service.

On the plus side though ID cards are never going to happen now because people have realised the gross incompetence of Labour, and their blatent disregard for the Data Protection act.

What muppets, the whole lot of them. The trouble is that this isn't even shocking to me... it's just one thing after another. We really need to get rid of Labour; we've had them for over a decade and things just keep getting worse.

Having this happen for the 3rd time this year, in various government facilities, not only makes it stupid people. Something should have been done about it after the first time, and not let it happen another 2 after that.

They going to have a HELL of a job to convince the public on ID cards with this blunder, serious breach of security which should not have been possible.

Also why was Gordon Brown going on about having a General election about a month or so ago and then someone telling him that he probally wouldnt win so they backed that off.

They were the records of every child benefit recipient and their children, and everyone with school age children receives some form of child benefit, so despite them trying to fudge the press by constantly stating 'child benefit recipients' what they've actually done is lost copies of the database containing the records of every single family with a child under 16 in the country :(

They originally claimed it was a junior employee who had ignored various protocols in copying the data to optical media, letting the data leave the building at all, not encrypting the data, and not sending sensitive data by registered post.
It has now been apparently discovered by further investigation that there was permission granted by a higher official at the time.

Gordon Brown is still pushing for a national ID card, but The Opposition have stated that his support for such an idea is "frankly weird" considering the government has repeatedly displayed it's inability to secure sensitive personal public data repeatedly in the last decade, currently culminating in this utter disaster despite the proliferation of regulations and the availability of superior technology for the easy enforcement of them.