LinkBack URL
About LinkBacks12345?
12345?
Password1
throw new ArgumentException (String, String, Exception)
Actually, weren't HMRC the subject of yesturday's Watchdog for a different case of identity/NI problems?
It's unbelievable. This government simply cannot be trusted with anything. Now I'd like the proponents of ID cards to come out with their line "if you have nothing to hide you have nothing to fear" crap. We all fear government incompetence.
How on earth can a junior member of HMRC have access to let alone be able to copy such data onto portable media? No private company with such data would ever dream of allowing lackies such access. As for secure transportation of such data I just cannot believe that anyone was stupid enough to courier it with or without "recorded delivery".
This is incompetence of the highest level and the buck stops at the minister responsible. The thing is New Labour have no shame and no honour. They never resign on a matter of principle, they cling on to their perks and pensions until forced out. I despise the lot of them.
25m people or 7.5m families affected. It's almost half the populace FFS!
I bet the password is Admin.
"Reality is what it is, not what you want it to be." Frank Zappa. ----------- "The invisible and the non-existent look very much alike." Huang Po.----------- "A drowsy line of wasted time bathes my open mind", - Ride.
RABBLE RABBLE RABBLE RABBLE RABBLE
I don't understand why there are always calls for ministerial resignations after incidents like this. According to Radio 4 news, there are protocols established within HMRC for transmitting confidential data, the issue here is that they were not followed by a grossly incompetent (or malicious) individual in a presumably junior post. If a Tesco delivery drivers is involved in a hit and run accident, we don't suddenly demand Terry Leahy's resignation.
Looking on the bright side, this incident should convince at least 4 out of the 6 remaining dullards in the UK who did not already understand that data security constitutes one of the many show-stopping arguments against creating massive centralised databases of highly confidential information, of course meaning the National Identity Register and DNA database.
Originally Posted by Bertrand Russell
OMG. I completely agree with JPreston. Someone shoot me
If it were a case of an isolated act, even when it's a breach of protocols, then it would be a disciplinary matter for that individual and, perhaps, a resignation matter for the senior manager whose watch permitted it.
But the logic of who carries the can is that of where the buck stops.
And this isn't an isolated case. Firstly, even the Chancellor admitted in his statement that the NAO request that triggered this was not the first such request. It had happened several months before, and the response by HMRC had been the same then - dump the database to disk and post it. And after the disc (well, two it now seems) went missing, and the junior HMRC official involved was told, he simply mailed it out again. How many more such cases have there been? How much critical data has been whizzing round the country in the post like so much civil service junkmail? And how long for? Many months, at least, according to Darling.
And it goes beyond even that. A couple of months ago, several thousand personal records went missing because an HMRC officer left a laptop containing then in the back of his car (overnight IIRC) and, surprise surprise, it went missing.
And it emerged on Watchdog last night that one lady had had her NI number issued to someone else (an immigrant, when the temporary number was replaced with a permanent one) and they've been sharing the same NI number for nine years, and all because of the same surname and first initial. That has caused one lot of pension records the be overwritten (and lost) with someone else's, and a significant overpayment of tax, some of which the Revenue have declined to refund since it's over 6 years ago. So when they screw up our tax records, we have to catch them at it within 6 years. Note, that six years comes from the expiry of the ability to sue, as laid down in the Limitation Act, so this amounts the HMRC saying they can screw up, but if they can't be sued over it, tough luck!
And, according to the radio this morning, several more cases of similar confusions are already emerging.
Then, of course, there's the farce over the tax credits farce. Another of Brown's mismanaged messes.
And, of course, we are now heading for economically tricky times because of the unprecedented level of consumer debt. Who presided over that? Who was the Chancellor that has crowed and crowed and crowed about his economic competence, and how good he's been? Our economy is certainly not an abject disaster, but like a household budget, you can't keep borrowing to justify spending beyond your income for ever. Sooner or later, the bill comes due. But GB actively encouraged, and certainly did nothing to reign back, the ever-expanding credit problem, because all that extra spending kept the economy appearing to be growing within targets, and because it raised loads of extra tax revenue. And, of course, he presided over the division of banking controls into the tripartite arrangement that has received so much flak over their inability to respond quickly and unambiguously to the Northern Rock saga as it developed, not to mention the structure of controls over the banking industry that allowed it to develop in the first place. And that was a matter of pure policy and in the then Chancellor's hands entirely.
Civil Service departments are, ultimately, the responsibility if ministers. They run them, they issue the orders to which civil servants at least in theory) jump. And the CERTAINLY claim the credit for anything that goes right within that department, whether they had anything to do with it or not. So if they're responsible, and they claim the credit for the good, they are due the blame for the bad.
This is a political issue that ought to come to rest at a politician's door precisely because it's not an just isolated incident as a result of an individual ignoring procedure. If it were, that would be different. But it's already becoming clear that not only are procedures being ignored, apparently as a matter of course, but that the system relies on a procedure when it should have been locked down by access controls.
And it isn't even looking like a single system failure, but one of a catalogue of issues, of both systems and policy. Who decided to merge Customs and Inland Revenue, and at the same time, implement staffing cuts amounting to about 25%, including a lot of management. Small wonder junior officials are doing this sort of thing, if large numbers of their bosses have gone.
So I call for ministerial, or rather prime ministerial heads, on the basis of taking responsibility for that over which you had authority, and on the basis of the extraordinary nature of this breach, and of it not only being a procedural violation but the absence of the systems checks and permissions that would have prevented a junior official being able to download this data under any circumstances at all, and of it being part of an emerging picture of departmental incompetence in a variety of areas. And because Gordon Brown in a virtually unprecedented length of office, presided over the Treasury and all it's divisions as his personal fiefdom and powerbase for 10 years.
Are we going to see Brown take the heat for this? Very dubious. He got out just in time. Had it happened a few months ago, though, it might have placed a large question mark over his ability to do the top job. Still, I suppose now we can perhaps have some assurance that he won't countenance an attack on Iran. He'd probably lose the troops somewhere in Wiltshire.
Whether this costs Darling his job is a LOT more open. I still rather doubt it, unless more examples of this come out. If they do, then he'll be the sacrificial lamb presented to the altar of public outrage for the simple reason that if it isn't him, it'll be Brown. And the chances of Brown allowing that? Yeah, quite.
Not even a junior minister, Carl. A junior official in HMRC, apparently responding to a request from a junior official in the National Audit Office.
And the really silly thing? According to Sir John Bourn (the country's chief government auditor), the data request wasn't even for all these records. They asked (according to a statement in the Commons this afternoon) for a list of NI numbers, and just that. All they wanted was the population data from which to select the sample on which they'd do their audit. If that assertion is correct, they neither wanted nor needed this database, just list of NI numbers. Of course, it remains to be seen if that assertion is confirmed or disputed - if we ever get told, of course.
To all the people who rely and trust big brother, big brother just handed you a slamdunk on this one!
There are so many monkeys working in the UK government, it is unbelievable.
One thing that I find curious about the whole saga, 25m records spread presumably across at least one or more tables, should take up a whole lot more space than 2 CD's. Hopefully this means the media has at least slightly exaggerated the size of the breach.
Still, any loss of data on this scale is simply crazy and I agree wholeheartedly that people should be held accountable. Starting with whomever actually actioned the request and working up.
TBH I dont think real monkeys could have made such a mistake.
It's no exaggeration I'm afraid.
Apparently, that breaks down as 15m kids, and 10m adults.
I'm not aware of any official statements that these were CDs, though. The term used, as far as I know, is "computer discs". That could be DVD, or some form for MO or PD disc, or all sorts of things. Arguably, it could be removable HDs, though that certainly wasn't what I inferred from what was said.
There's an old saying ....
To err is human. To really cock things up you need a computer.
Compression. Certainly with ASCII based material is very very good. I just compressed a 17MB .rtf file (rich text format) down to 16.6KB using winrar + best compression. Granted, it was 17meg of 0's, but I'm just illustrating a point
I just don't get how they could allow such data to be burnt to disk without something like a solution from RSA being there. Never mind a junior being able to do it.
Oh, and with data like this, there really should be someone delivering it personally to its destination from the company.
Even if there is less that the media might have exaggerated, that's still a whole load of peoples data..
Yes. Its fricken horrible this.. Infact, I don't even like the idea of someone personally delivering something as important as this. If anything, it should be done in a securicor van or whatever, with armed guards and a briefcase handcuffed to someones wrist and all that. Bloody 2007.... They should be transferring data like that over a WAN or something, on a secure connection. Its just amazing that some pleb would write this onto a disk (probably zipped with WinZip unregistered version, and then burnt with Nero), and then it was just stuck in an envelope and sent via some public delivery company. (DHL, UPS, one of those types of places.. with three letters). Its madness. It makes me wonder if they where so stupid to do that, that maybe there won't be any encryption on there at all. Or maybe they put a password on the zip and wrote the password on one of the CD's. Arrrghhh.Compression. Certainly with ASCII based material is very very good. I just compressed a 17MB .rtf file (rich text format) down to 16.6KB using winrar + best compression. Granted, it was 17meg of 0's, but I'm just illustrating a point
I just don't get how they could allow such data to be burnt to disk without something like a solution from RSA being there. Never mind a junior being able to do it.
Oh, and with data like this, there really should be someone delivering it personally to its destination from the company.
I wonder what will happen next. Some tramp finds the CD's and he uses them as plates to rest his chicken bones on... Or some cyber criminal finds them and then blackmails the government for £500 billion by midnight tomorrow, or he empties 25 million peoples' bank accounts. They pay him and he does it anyway. And then the UK devolves into anarchy, and he buys the UK for a few quid, and then sells us as slaves to Microsoft and we have to all spend the rest of our lives, programming bug fixes for Vista.
There are currently 1 users browsing this thread. (0 members and 1 guests)
SCAN.care@HEXUS
Posting Permissions
Reply With Quote