REFRESH(1000 sec): http://www.silicon.com/research/specialreports/digitaldefences/0,3800014341, 39169217,00.htm?r=1 #RSS silicon.com * CNET NETWORKS UK BUSINESS SITES: * atlarge.com * BNET UK * silicon.com * SmartPlanet.com * ZDNet.co.uk ____________________ Go Anonymous user log in | register Username ____________________ Password ____________________ Go close forgot password | register Site Navigation: * Home * News * Commentary * CIO Jury * White Papers * Resources * Jobs Digital Defences You are here: silicon.com > Research > Special Reports > Digital Defences Digital Defences Missing: 25 million child benefit records Entire database gets lost in the post, says taxman Printer Friendly Email Story RSS By Andy McCue Published: 20 November 2007 17:01 GMT CDs containing the confidential personal details of 25 million child benefit recipients have been lost by HM Revenue & Customs (HMRC). The records contain the names, addresses, dates of birth and National Insurance numbers of the entire HMRC child benefit database, which also includes the bank account details of more than seven million parents, guardians and carers. Two password-protected CDs containing the child benefit information were sent unrecorded and unregistered by a junior HMRC official through courier TNT to the National Audit Office on 18 October but never arrived and have not been found. The missing CDs were not reported to senior HMRC management until 8 November and the Chancellor of the Exchequer Alistair Darling was then notified on 10 November. In a statement to Parliament, Darling said the delay in notifying the public of the security breach was necessary to allow the banks time to flag up affected bank accounts and monitor them for any unusual activity. Security from A to Z Click on the links below to find out more... A is for Antivirus B is for Botnets C is for CMA D is for DDoS E is for Extradition F is for Federated identity G is for Google H is for Hackers I is for IM J is for Jaschan (Sven) K is for Kids L is for Love Bug M is for Microsoft N is for Neologisms O is for Orange P is for Passwords Q is for Questions R is for Rootkits S is for Spyware T is for Two-factor authentication U is for USB sticks/devices V is for Virus variants W is for Wi-fi X is for OS X Y is for You Z is for Zero-day A Metropolitan Police investigation into the missing discs is ongoing and Darling said police have no reason to believe the information has fallen into the "wrong hands". He said: "The missing data in itself is not enough to access bank accounts but we have to recognise the increased risk." Privacy watchdog the Information Commissioner's Office, the Financial Services Authority and the Serious and Organised Crime Agency have also been notified. Although the banks have so far reported no unusual activity on the affected accounts, child benefit recipients have been told to monitor their bank statements closely for anything suspicious and not give out any personal details requested unexpectedly by phone. Darling said no individual will suffer any financial loss if they are innocent victims of fraud as a result of this security breach. He said: "I deeply regret this and apologise for the anxiety caused." Darling admitted it is "highly likely" the Data Protection Act has been broken and said an inquiry into the missing data will be conducted by the Independent Police Complaints Commission. The government has also appointed Kieran Poynter, chairman of PricewaterhouseCoopers to investigate HMRC's security procedures. HMRC chairman Paul Gray resigned today as a result of what he called a "substantial operational failure" in the department. Shadow Chancellor George Osborne called the security breach "catastrophic" and said the government has "compromised the security and safety of every family in the land". He also called on the government to abandon its ID card plans because of the data security risk. Angry MPs also questioned HMRC procedures that allowed a junior official to download the entire child benefit database onto a CD in the first place. This is the third serious security breach at HMRC in just over a month. In November 15,000 Standard Life customers were warned after a CD containing the names, National Insurance numbers, dates of birth and pension data was lost in transit from HMRC to Standard Life's offices in Edinburgh. In October HMRC admitted a laptop containing details of 2,000 people with investment ISAs had been stolen. Add Comment Add comment Printer Friendly Print story with [print_logo.gif] Email Story Email story In this Special Report Locking down financial security Video Cheat Sheet: Biometrics Filtering's ding-dong fight with malicious spam HMRC's missing discs: Just a warning shot Web 2.0 threat looms Leader: It's time for a data breach disclosure law Editor's Blog: Missing data, missing brains Malware: From bedroom to boardroom Back to Digital Defences Special Report Reader Comments I used to work in Local IT at HMRC, until a year a... Anonymous Clearly, an extremely serious breach of informatio... Richard Atkinson The Government obviously subscribes to the 'Don't ... Guy Reynolds Even if the CD's are posted using recorded deliver... Mike Poole If this story wasn't so tragic, it'd almost be fun... Christopher Hubbard Click here to see all Related Links Pensions details on lost CD not encrypted Taxman gets new CIO Taxman warns on e-pensions deadline HMRC slammed over Capgemini contract costs Fraud-hit tax credits website to remain closed Tax office CIO gets 20 per cent pay rise Taxman's IT bill could rocket to £6bn Revenue and Customs merge IT contracts * In silicon.com [ - Navigate this site - ] 1. Zones 2. Management 3. Networks 4. Software 5. IT Services 6. Hardware 1. Verticals 2. Public Sector 3. Financial Services 4. Retail & Leisure * Newsletters * RSS Feeds * Site map RELATED WHITEPAPERS FROM MESSAGE LABS Understand the Rise of PDF Spam — FREE Whitepaper: PDF The Legal Risks of Uncontrolled Email and Web Use — FREE Whitepaper Unmasking the Online Bad Guys — FREE Whitepaper Social Networking and The Employer's Dilemma — FREE Legal Guide Reduce the Risks of Uncontrolled Email and Web Usage — FREE ePolicy Guide Digital Defences News Cyber-extortion on the rise - but targets the 'fringe' it's a bit of a gamble Data breach hits thousands of motorists More info goes missing in the post... Encryption not the key to data security CIO Jury: People and processes more important Data security a top priority for Europe EC: Collaboration is key Poll: The most expensive gadgets lost are... So where did you see it last? Digital Defences Extra Stories from around the web... Security increasingly vital to telecoms service delivery CCNMoney.com Looming online security threats in 2008 Business Week Top five worst IT security mishaps of 2007 ZDNet UK Botmaster admits infecting 250,000 computers News.com RELATED RESOURCES FROM MESSAGE LABS Newham College Saves Time & Money with MessageLabs MessageLabs Makes Life Easier for Pilkington ICI Eliminate Email Problems with MessageLabs Lloyds TSB Banks on MessageLabs Protection Autoglass Eradicate Spam Thanks to MessageLabs Quick Sitemap Links: * silicon.com * White Papers * CNET Networks * Home * Site Map * Mobile Site * RSS Feeds * Membership Centre * Register * Manage your account * Unsubscribe * Forgotten Password * Newsletters * About Us * Contact Us * Find Us * Privacy Policy * Permissions and Reprints * International * Advertise * Get silicon news on your site * Search * Site Archive * FAQ * Editorial FAQ * Manage your account FAQ * Video FAQ * Sales FAQ * News * Management news * Skills and Careers news * IT Director news * IT Pro news * SME Director news * Law and Policy news * Software news * Applications news * Operating Systems news * Malware news * Security Strategy news * SOA/Web Services news * Hardware news * Desktop news * PDAs news * Servers news * Storage news * Networks news * Broadband and ISPs news * LANs news * Mobile and Wireless news * Telecoms news * WebWatch news * IT Services news * BPO news * IT Outsourcing news * Offshoring news * Outsourcing news * Comment & Analysis * Leaders * Weekly Round-Up * Columnists * Steve Ranger's Notebook * Andy McCue: The McCue Interview * Quocirca's Straight Talking * Simon Moores * Futurity Media's Green IT * Seb Janacek's Minority Report * Howard Greenfield * Blogs * Peter Cochrane's Uncommon Sense Blog * Editor's Blog * Video & Audio * Polls * White Papers * Data Management white papers * Desktops, Laptops and OS white papers * Enterprise Applications white papers * IT Management white papers * Network and Communications white papers * Professions and Industries white paper * Security white papers * Servers and Server OS white papers * Software and Web Development white papers * Storage white papers * Jobs * Resources * Case Studies * Cheat Sheets * Events * Photo Stories * silicon.extra * Verticals * Retail & Leisure * Retail & Leisure news * Retail & Leisure case studies * Retail & Leisure comment * Retail & Leisure CIOs * Financial Services * Financial Services news * Financial Services case studies * Financial Services comment * Financial Services CIOs * Public Sector * Public Sector news * Public Sector case studies * Public Sector comment * Public Sector CIOs * CIO Jury * CIO Jury Articles * The McCue Interview * About CIO Jury * CxO Extra * Research Panel * Research * Benchmarks * Special Reports * CIO50 2008 * Tech Hotspots 2008 * Business Traveller * CIO Agenda 2008 * Data Lockdown * Lean and Green * Digital Defences * Agenda Setters 2007 * Full Disclosure * IT Risk Management * Virtual Worlds * CIO50 2007 * Know Your Network * VoIP Security * Joined-up Enterprise * Inside India * Converged Communications * Business Intelligence * Inside China * IT Governance * CRM in the mid-market * ID Management * E-Crime and Hacking * Tech's Big Gamble * Open source * The Spam Report * White Papers * Data Management white papers * Data Infrastructure white papers * Data Tools white papers * Tools white papers * Desktops, Laptops and OS white papers * Client System Hardware white papers * Components white papers * Desktop Client OS white papers * Handhelds white papers * Office Equipment white papers * Office Suites white papers * Peripherals white papers * Portable Device Client white papers * Enterprise Applcations white papers * CRM white papers * Customer Management white papers * Enterprise Planning white papers * Project Management white papers * Workflow Management white papers * IT Management white papers * Business Functions white papers * IT Budgeting white papers * IT Infrastructure white papers * Project Management white papers * Regulatory Compliance white papers * Staff Training white papers * User Satisfaction white papers * Network and Communications white papers * LAN - WAN white papers * Mobile and Wireless white papers * Network Management white papers * Network Technologies white papers * Telecommunications white papers * Professions and Industries white paper * Education white papers * Financial Services white papers * Government white papers * Homeland Security white papers * IT Professionals white papers * Music / Recording white papers * Sciences / Research white papers * Wholesale - Retail white papers * Security white papers * Authentication - Encryption white papers * Intrusion - Tampering white papers * Security Administration white papers * Servers and Server OS white papers * Server Hardware white papers * Server Platforms - OS white papers * Software and Web Development white papers * E-Commerce - E-Business white papers * Internet and Web white papers * Software Development Tools white papers * Storage white papers * Management white papers * Storage Hardware white papers * CNET Networks UK * atlarge.com * BNET UK * CNET.co.uk * CNET.co.uk Reviews * CNET.co.uk Crave * CNET.co.uk Video * CNET.co.uk Check Prices * CNETTV.co.uk * GameSpot UK * silicon.com * SmartPlanet.com * ZDNet.co.uk * ZDNet.co.uk News * ZDNet.co.uk Reviews * ZDNet.co.uk Blogs * ZDNet.co.uk White Papers * ZDNet.co.uk Community * ZDNet.co.uk Downloads * CNET Networks in Europe * businessMOBILE.fr * CNETFrance.fr * CnetTV.fr * CNETGadget.fr * GameKult.com * GOOSTO.fr * MusicSpot.fr * News.fr * ZDNet.fr * CNET.de * silicon.de * ZDNet.de * CNET Networks in the United States * BNET * CHOW * CNET.com * CNET Channel * Download.com * GameFAQs * GameSpot * mySimon * Search.com * TechRepublic * TV.com * UrbanBaby * ZDNet * CNET Networks in Asia Pacific * businessMOBILE Asia * CNET Asia * CNET Asia TV * GameSpot Asia * ZDNet Asia * Apple Source * Builder AU * CNET.com.au * GameSpot AU * ZDNet Australia * CNET Japan * Japan ZDNet * GameSpot Japan * taiwan.CNET.com * Builder China * Cnetnews China * CWEEK China * Ea3w.com * Fengniao * GameSpot China * Netfriends China * PChome.com * PcPro China * Solidot.org * SPN China * XCar China * XiyuIT.com * ZDNET China * ZOL China About CNET Networks UK Copyright ©1995-2008 CNET Networks, Inc. All rights reserved. Top of page