The UK Customs and Excise department has admitted in the last week that it has lost substantial data about 25 million people – basically every adult with children in the country. But it’s just become apparent to me the scope of the information that has gone missing.
My family received a letter stating:
This data includes your children’s names and dates of birth, your address, your National Insurance number and, where relevant, the details of the bank or building society into which your Child Benefit is or was paid.
The copy of the data is likely to still be on Government property.
Do I think I’m likely to be a victim of fraud as a direct result of this? Not really. What worries me is that the data was only password protected and not encrypted. The government has tried to put responsibility on a 23 year guy, who is now in hiding. Someone in the government consented to a policy of not encrypting this data as standard. For me this is an issue that a CIO of a department or the government should be held responsible for. They should be made to make a public statement so we know who that person is and then kept in a position so they can sort out this situation – even (particularly) if this results in a longer term change of mentality . Yes, the Prime Minister is ultimately responsible, but he is not likely to make a direct difference.
Here is a bit of background to the story…
…and how it went down in parliament…