Print 39 comment(s) - last by lco45.. on Nov 27 at 4:06 AM

Frank Abagnale (left) thinks the data was stolen. Abagnale's own former amazing criminal escapades were brought to the public eye when he was played by Leonardo DiCaprio (center) in the 2002 film "Catch Me If You Can," based on his autobiography.  (Source: Dreamworks SKG)
Government says no sign of criminal activity; famed convict says otherwise

In what could be the high tech snafu of the young century, the United Kingdom's government has lost two computer discs which contained bank account information and other valuable personal information for every parent in the United Kingdom with a child under 16.

The Child Benefit data housed 25 million individuals' name, address, date of birth, National Insurance information, and often times bank account information.  Protection and use of this information was under the domain of the government department Her Majesty's Revenue & Customs (HMRC).

Chancellor Allistair Darling of the Labour Party, issued a warning that seemed to say two things, stating first that there was no evidence that the data had gone to criminals, and then going on to state that people should "monitor their bank accounts for unusual activity."

The Conservative Party was quick to attack this lapse, calling it a "catastrophic failure."

Addressing the Members of Parliament (MPs), Chancellor Darling told them, "[This was] an extremely serious failure on the part of HMRC to protect sensitive personal data entrusted to it in breach of its own guidelines."

He went on to say, "The missing information contains details of all Child Benefit recipients: records for 25 million individuals and 7.25 million families," drawing gasps from his audience.

Apparently junior HMRC officials ignored security procedures, send the discs to the the National Audit Office (NAO).  The discs never arrived at the office.  The discs were sent on October 8th, and senior HMRC officials didn't realize the loss until a full month later, on November 8.  It took them another two days to inform the Chancellor.

Chancellor Darling does his best to describe how the scenario played out, stating:
Two password protected discs containing a full copy of HMRC's entire data in relation to the payment of child benefit was sent to the NAO, by HMRC's internal post system operated by the courier TNT.  The package was not recorded or registered. It appears the data has failed to reach the addressee in the NAO. The police tell me that they have no reason to believe that this data has found its way into the wrong hands.  The police are not aware of any evidence that it has been used for fraudulent purposes or criminal activity.
The government has set up a hotline number (0845 302 1444) where concerned citizens can get more details.

The government blamed the banking system for the delay in releasing the information, stating that the banks were adamant that they needed time before the government made the announcement. 

Chancellor Darling also tried to downplay any threat to citizens stating, "If someone is the innocent victim of fraud as a result of this incident, people can be assured they have protection under the Banking Code so they will not suffer any financial loss as a result."

The loss is under investigation by some of Britain's top cops -- the Metropolitan Police and the Independent Police Complaints Commission (IPCC), which monitors the HMRC.  HMRC Chairman Paul Gray is the highest government official currently to resign over the scandal.  His office had several previous security lapses in which less significant data had gone missing.

U.K.'s Shadow Chancellor George Osborne (Conservative Party) scathingly stated:
Let us be clear about the scale of this catastrophic mistake - the names, the addresses and the dates of birth of every child in the country are sitting on two computer discs that are apparently lost in the post, and the bank account details and National Insurance numbers of 10 million parents, guardians and carers have gone missing  Half the country will be very anxious about the safety of their family and the security and the whole country will be wondering how on earth the government allowed this to happen.
Osborne told his fellow government leaders they needed to "get a grip." He states the incident is the final nail in the coffin of efforts to create a national ID database, citing that the government can't be trusted with the information.  The finger-pointing continued throughout the U.K.'s government yesterday.  Some pointed to the aging "relics" of computers in the government offices, others blamed various government departments for various failings.

Weighing in on the issue is an interesting outside observer former convict-turned-FBI fraud expert Frank Abagnale, interviewed by ComputerWorld UK.  Abagnale, made infamous by his autobiography which became the motion picture Catch Me If You Can, impersonated professionals from doctors to airplane pilots and used his guises to pass false checks, worth $2.5 million at the time, before finally being caught by the FBI.

Abagnale states that he believes the data loss was a theft despite the U.K.'s insistence to the contrary.  He says the impact will last for years, and the government needs to be more frank with its citizens on what is to be done.  He says the breach demonstrates that the U.K is severely lagging behind the U.S. in data breach notification laws.  He also agrees with Shadow Chancellor Osborne's statements that the breach proves that a national ID database is a horrible idea.

“It was not just a mistake.  I truly believe that someone paid for the information to be stolen.  It’s what happens all the time, that someone acted in collusion with somebody else to steal this data” says Abagnale.

Abaganale went on to warn the U.K.'s government that if they think their technology is foolproof to think again.  “When people say their system is foolproof, they are underestimating the creativity of fools,” he said.

The U.S. may be doing slightly better, and so far has not fallen victim to a data loss this epic, but it has its own security issues.  A recent report by DailyTech detailed that IRS employees had fallen victim to social engineering scams, designed to test their security awareness.  The Department of Homeland Security in the U.S. has also been battered by more direct attacks from hackers.  These stories show just how proactive the government has to be in protecting its citizen's data.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By NicePants42 on 11/21/2007 3:18:36 PM , Rating: 5
1. UK Gov't creates encrypted personal records of it's citizenry.
2. UK Gov't decides to send this information by burning disks and mailing them.
3. Incompetence of UK Postal Service pwns incompetence of UK Gov't.
4. Hilarity ensues.

RE: Cliffs:
By Screwballl on 11/21/07, Rating: -1
RE: Cliffs:
By Helbore on 11/21/2007 4:16:34 PM , Rating: 4
It was sent via TNT, a private courier, not the Post Office.

I am just pointing this out, because if it went via Royal Mail, then nobody would be worried that it didn't arrive. All it would mean is that the disks were stuck in a backlog and would probably be delivered in about three months time.

RE: Cliffs:
By MrPoletski on 11/24/2007 6:12:36 AM , Rating: 2
HAHA too true

RE: Cliffs:
By 3kliksphilip on 11/21/2007 6:12:02 PM , Rating: 4
Lets just hope the password for the discs wasn't 123. Or password.

RE: Cliffs:
By Ajax9000 on 11/21/2007 7:23:17 PM , Rating: 3
Or that the thief doesnt have a 8800GTX and a spare 600 Euros ...

RE: Cliffs:
By Mean MrMustard on 11/22/07, Rating: 0
RE: Cliffs:
By lco45 on 11/27/2007 4:06:41 AM , Rating: 2
What's the connection between socialism and data loss?

By plundstedt on 11/21/2007 2:48:35 PM , Rating: 4
Mr. Abagnale looks strangely like Tom Hanks in that picture...

RE: Frank
By BigToque on 11/21/2007 2:55:52 PM , Rating: 2
LOL, I totally see it :D

RE: Frank
By Screwballl on 11/21/2007 3:01:21 PM , Rating: 2
That is Tom Hanks at the right, the caption should read "Frank Abagnale (left).."

RE: Frank
By SoCalBoomer on 11/21/2007 3:24:49 PM , Rating: 2
It's the forehead

RE: Frank
By daftrok on 11/21/2007 11:40:37 PM , Rating: 1
Tom Hanks: I have AIDS.
Peter: HAHAHA!

By WileCoyote on 11/21/2007 3:04:05 PM , Rating: 2
brb, delivery just arrived

RE: ...
By WileCoyote on 11/21/2007 3:06:02 PM , Rating: 6

Pretty silly
By Zurtex on 11/21/2007 2:55:07 PM , Rating: 3
Yeah the whole thing is pretty hilarious

GCHQ (The Communication sector of the secret service) came up with the modern way we encrypt data over the internet 10 years before it was independently thought of and commercialised. Despite such progressions in encrypted communication technology it was sent by a junior in the post ^_^.

RE: Pretty silly
By Treckin on 11/21/2007 6:05:15 PM , Rating: 2
GCHQ is the NSA Sigint center in London

RE: Pretty silly
By ghost101 on 11/22/2007 6:13:39 PM , Rating: 2
RE: Pretty silly
By Christopher1 on 11/23/07, Rating: 0
By TSS on 11/21/2007 3:00:08 PM , Rating: 4

that's what i think of the situation. even that kitten does a better job at security. something like this should be personally delivered in a suitcase cuffed to a mans wrist escorted by a few bodyguards. especially in the future where even more stuff will be digitally controlled.

By MikeO on 11/22/2007 3:19:21 AM , Rating: 3
I'd say this qualifies for an EPIC FAIL

Her Royal Majesty's Commission (HRMC)...
By Joe42 on 11/21/2007 3:18:35 PM , Rating: 2
Her Royal Majesty's Commission (HRMC)?
You mean Her Majesty's Revenue and Customs (HMRC).

These disks have already been sold on ebay, could be anywhere by now...

By Joe42 on 11/21/2007 3:29:46 PM , Rating: 2
For the vaguely interested/bored, you can watch the Prime Minister in Prime Ministers Questions getting lambasted by parliament and the general oddity that is the British parliament here:

Question is, will this finally turn Alistair Darlings eyebrows grey?

Old News
By Alexstarfire on 11/21/2007 5:15:18 PM , Rating: 2
Man, DailyTech must be getting behind because I read this several days ago on a site that I thought wasn't nearly as up to date as DailyTech. Guess I was wrong. At first I thought they just decided not to make an article about it.

RE: Old News
By dro3 on 11/21/2007 5:50:37 PM , Rating: 2
bunch of capitalists. Capitalism sux

By Mitch101 on 11/21/2007 3:13:57 PM , Rating: 1
I believe the discs showed up on e-bay according to theINQ but Im not sure if it was a joke either. It was removed.

This was the link

RE: E-Bay
By James Holden on 11/21/2007 3:46:11 PM , Rating: 2
I read somewhere more reputable that it was a hoax. I didn't read a retraction from Inq.

Return to Sender
By Screwballl on 11/21/2007 2:48:12 PM , Rating: 2
It will turn up back at the sending party's office as Return to Sender with a few stamps from France, Australia and the US.

They can hope...

British Security
By deeznuts on 11/21/2007 7:47:25 PM , Rating: 2
Maybe they should have kept the data behind bike locks, like they did with their nukes. That way the only people who could acquire either were those with Bic pens.

British nukes were protected by bike locks

Newsnight has discovered that until the early days of the Blair government the RAF's nuclear bombs were armed by turning a bicycle lock key.

There was no other security on the Bomb itself.

By sirius4k on 11/22/2007 2:40:16 AM , Rating: 2
So I Guess James Bond is already on his mission =|

We had somebody in government who lost important data on an USB stick.. it was just laying in snow =P And somebody picked it up and returned it. What a luck =P
We means Estonia. We're much smaller country, but that shows that there's just bunch of idiots running countries =P Everywhere.

In other news...
By sinful on 11/23/2007 5:44:26 PM , Rating: 2
Catastrophic Failure: UK Loses Records of 25 Million Citizens

Meanwhile, Music industry execs are jumping for joy at the prospect of selling records to 25 million people.


By MrPoletski on 11/24/2007 6:16:02 AM , Rating: 2
He states the incident is the final nail in the coffin of efforts to create a national ID database, citing that the government can't be trusted with the information.

The one and only reason ID cards should never appear.

the government can't be trusted with the information
the government can't be trusted with the information
the government can't be trusted with the information
the government can't be trusted with the information
the government can't be trusted with the information

And I'm not just talking about cockups like this one.

By BigToque on 11/21/2007 2:54:31 PM , Rating: 1
I don't know if anyone else feels this way, but when I see a title like "Catastrophic Failure: UK Loses Records of 25 Million Citizens" it makes me think that there has been something like a hard drive failure. It seems a little misleading to me based on the content of the article.

RE: ...
By Christopher1 on 11/23/07, Rating: 0
of course...
By sj420 on 11/21/2007 5:08:04 PM , Rating: 1
Of course there is no evidence.


Someone picks up the discs (in whatever manner) takes the discs to someone, accepts cash, thats it.

Not very much evidence, maybe some video of a hand off (with how many cameras are in that area of the world), maybe finger prints. But what can that do.

Of course there isn't evidence.

I have the distinct feeling that all of those children under 16 will simply be used as names and numbers.

Go figure the govt. assumes nothing is wrong so they can do nothing about it.

Who cares right.

By otispunkmeyer on 11/22/2007 7:32:11 AM , Rating: 1
no i didnt vote for them... but then again all politicians are incompetent bastards wrapped in a veneer of competency. ie they seem to sound like they know what they're talking about when in actual fact they know less than the man running the corner shop.

labour suck so much ass its unbelievable, i hate every single member of that party. i've seen more competency from a 5 year old. i hope these jokers get replaced soon.

though there is fat chance of that... all the immigrants and benefit grabbers will make sure that labour stay put.

Cap is dead
By dro3 on 11/21/07, Rating: -1
RE: Cap is dead
By gescom on 11/22/2007 8:52:24 AM , Rating: 1
it's been said many times with no effects:

stop being impressed with authority
stop excessive shopping
quit your job
prove your alive

RE: Cap is dead
By manutdpty on 11/22/2007 9:55:38 AM , Rating: 2
Does this mean the English football team is dead? Ohhh nooo Rooney is in there as well, no wonder they didnt qualify for the EUROCUP - they never played.

"We’re Apple. We don’t wear suits. We don’t even own suits." -- Apple CEO Steve Jobs
Related Articles

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki