Chancellor of the exchequer Alistair Darling has said employees of HM Revenue & Customs were responsible for the loss of sensitive child-benefit data.
Darling confirmed that two discs containing details on about 25 million people had been lost in the post after officials had failed to follow the proper procedures for data handling.
The incident has led to the resignation of Paul Gray as chair of the organisation.
In a statement to the House of Commons on 20 November, 2007, Darling confirmed that two password-protected discs had been sent to the National Audit Office (NAO) for auditing purposes in mid October but had not arrived. Officials sent a second pair of discs that were delivered to the NAO, but it took nearly a month before senior officials and then the chancellor were informed of the loss.
The discs include benefit records affecting 25 million people and 7.5 million families, and include names of recipients and children, dates of birth, bank and building society details and national insurance numbers. Darling said there was not sufficient information to access bank accounts, but that he regarded the incident as very serious.
"I regard this as an extremely serious failure by HMRC in its responsibility to the public," he said.
He insisted, however, that the department already had procedures in place to prevent the copying of such details onto disc, and that these had been broken by officials.
"HMRC has clear instructions and procedures," he said. "The problem here is that the individuals concerned ignored them."
He said he was made aware of the loss on 10 November, immediately launched an internal investigation, and four days later called in the Metropolitan Police. This investigation is still taking place, but so far has uncovered no evidence of any fraud or misuse of the data.
"The police have no reason to believe the data has found its way into the wrong hands," Darling said.
He informed banks and building societies through the Financial Services Authority days before the announcement to Parliament so they could take protective action. They have analysed relevant accounts and will continue to monitor them. He added that if anyone becomes the victim of fraud due to the data loss they will be protected by the Banking Code and will not suffer financially.
Darling also said it had been discovered that HMRC officials sent similar data to the NAO earlier in the year, although this was received and returned. He has kept the information commissioner informed, and says it is possible the department breached the Data Protection Act by preparing and sending the discs.
Among the consequences is that the NAO is reviewing its procedures for collecting data. Edward Leigh MP, chair of Parliament's Public Accounts Committee, said he had already established that the NAO only asked for the national insurance numbers, not all of the details that were on the discs.
Conservative shadow chancellor George Osborne described the incident as a "catastrophic mistake", and claimed "half the country will be very worried about the safety of their families".
Talkback
The problem is not simply that "instructions and procedures" were not followed; how did a junior official have access to the entire database, let alone clearance to download it all and burn it onto disk? Surely this sort of privileged access should only be available to inspectors and above. Whoever set the access rights for user names and passwords also has a lot to answer for.
And a further question; is this sort of ready access to our information mirrored in other Government agencies?
The fact that there were no controls on access and duplication rights to this information was already startling - if the NAO had a requirement for provision of this information by the HMRC there should have been a channel and procedure in place for assessing how this need should be met. I am astounded that there is no evidence of any of the lauded 'joined up government' systems working in this instance. Even the concept that access should be provided via 2 x CDs is extraordinary. I am no tech-expert, but surely the HMRC should have been able to provide strictly controlled, direct access to the relevant databases rather than even considering copying of the files. With appropriate access priviliges and user rights the HMRC could provide a secure link and would be able to identify what information had been accessed and by whom.
Although I agree about not blaming junior officials - the fact that this individual tried sending the CDs on 3 occasions is both negligent and incompetent at an personal level - it then appears that he did not tell anyone for 3 weeks..... shameful.
Would this information management be better handled by the private sector?
What idiots if it were a private company you would be finished and never trade again. But we have no choice.
Its suprising that the government, in this day and age, still has to compile data onto discs in order to transfer it from one place to another.
why dont they biuld an internal network that'd link data or allow access to different government departments? internal security is much easier; its easy to set access levels or to allow temporary access. corporations and banks have these type of systems, why can't the government?