HMRC security breach

Wednesday, 21 Nov 2007 08:58

Timeline of HMRC scandal & customer advice

Wednesday, 21, Nov 2007 12:00

In an emergency statement in the Commons yesterday, the chancellor Alistair Darling admitted there had been an "extremely serious" security breach at Her Majesty's Revenues and Customs (HMRC).

The breach occurred when a junior official copied HMRC's child benefit database and sent the information on two computer discs to the National Audit Office (NAO).

The discs failed to reach their final destination and remain missing.

They contained the highly sensitive personal information of 25 million individuals who receive child benefits from the government, including bank account details, addresses and insurance information.

Timeline of events:

Oct 18th: Two password-protected discs are sent by unregistered post from Tyne and Wear HMRC to the National Audit Office. They contain a full copy of all 25 million child benefit recipients, strictly against government protocol and regulations.

When the discs do not reach their destination, they are subsequently copied and resent. The second set are received by the NAO but the originals remain missing.

Nov 8th: Three weeks later, the missing discs are reported to senior management at HMRC.

Nov 10th: The chancellor Alistair Darling is informed. He orders an HMRC investigation to locate the discs.

Nov 20th: The chancellor informs parliament that the discs have still not been found.

Mr Darling issued his unqualified apology to the House yesterday, as the Metropolitan police sent search teams to the Tyne and Wear building.

In the statement, the chancellor explained the series of breaches, saying: "The strict rules governing HMRC standing procedures were clearly not followed.

"Those procedures relate to the security of and access to data as well as their transit to ensure that they are properly protected.

"That information should not have been handed over by HMRC in the way that it was."

Issuing advice to those concerned, Mr Darling said:

Victims of fraud will be insured under the Banking Code and will not suffer any losses, should their details be used for fraudulent purposes.

Bank customers should be particularly vigilant in monitoring their accounts, although there is no need to close them or withdraw deposits.

People should contact their bank immediately if they notice any suspicious activity.

They should not give out any passwords requested by phone of email.

There is currently "no evidence" that these data have reached the wrong hands.

HMRC: Junior official committed 'colossal error'

Banks: Safeguards are in place

PM 'profoundly regrets' loss of data

Cameron attacks PM for 'systemic failings'

Timeline of HMRC scandal & customer advice

IPCC to investigate missing HMRC data discs

HMRC chairman resigns over lost discs

Recent Debates

Climate change talks
World nations are meeting in Poznan, Poland, for a fortnight of negotiations on a climate treaty to succeed the Kyoto protocol. PEGIGWC: Don't hide behind credit crunch UNFCCC: Expect disappointment

Tory arrest
Damien Green, shadow immigration minister, was arrested last night and had his home, constituency offices and Westminster offices searched by counter terrorism officers. Tories: Green denies wrongdoing Met: Decision taken without ministerial advice Green: I was astonished to be arrested

School leaving age
The age at which teenagers remain in compulsory education or training will be increased from 16 to 18 over the next seven years, starting this week. Tories: Badly thought out policy Voice: A potential minefield Labour: For a fair society

Cannabis reclassification
Cannabis will become a class B drug again after the last opportunity for opponents to stop reclassification failed in the House of Lords. Home Office: Reclassification deters users

Opinion Formers

BNTL Freeway

BNTL is an organisation seeking to promote healthy drug-free life styles and to inform on the effect of alcohol and drugs on individuals and communities.