1. Disappearing disc act
Posted on 17 Jun 2008 at 10:41
Gaffe rating: 987
The government can't resist getting IT security wrong. However, when Chancellor of the Exchequer Alistair Darling admitted to Parliament on 20 November 2007 that HMRC had "lost" two discs containing personal information - including the bank account details of 25 million people - in the post, security breaches hit a new low.
In what has become generally accepted as the biggest single loss of personal data in the world to date, it appears the discs were sent from HMRC to the National Audit Office using a standard mailing service with no packet-tracking capability. Apparently that would have cost too much, as would have just retrieving the specific data that had been requested from the database.
As it turns out, cutting corners to save pennies has been an expensive lesson in IT-security best practice for the government. Not only did the civil servants concerned ignore departmental security policy, but they were able to do so without anyone further up the management chain preventing them.
There are so many solutions that could have avoided this idiotic breach. How about a mechanism to prevent a relatively junior employee from being able to make a copy of the Child Benefit database? How about transferring data via a secure VPN rather than the postman? Or, how about employing serious encryption to protect data being moved externally rather than entrusting your security process to a simple access password?
If all that data had been encrypted, 7.2 million families wouldn't have to worry about the potential threat of ID fraud if the (still missing) discs fall into the wrong hands. And Alistair Darling would still be best known for his funny eyebrows.
Author: Davey Winder
From around the web
For more details about purchasing this feature and/or images for editorial usage, please contact Jasmine Samra on pictures@dennis.co.uk
advertisement
- Mozilla: everyone should learn a little bit of code
- Google mines social network data for semantic search
- Microsoft tweaks multi-monitor support in Windows 8
- Phone sales shrink as consumers await fresh handsets
- Nvidia warns 28nm supply problems continue
- File-fixing tools to improve uptime in Windows 8
- Mozilla: Microsoft blocking rival browsers in Windows RT
- Microsoft developing sound-based gesture control
- Dell working on Ubuntu Ultrabook for developers
- Media Center to be paid-for add-on in Windows 8
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Samsung Galaxy S III review: first look
advertisement
