UK government loses data on as many as 25 million people
By Ed Oswald | Published November 21, 2007, 6:31 PM
Calling it a data breach is an understatement. The UK government has lost child benefit data on as many as 25 million people in the country, making it the largest loss of personal information ever reported.
The information was stored on two discs that were only password protected, not encrypted, meaning the data could be fairly easy to get at. The data includes names, dates of birth, bank account, and address details. The discs went missing from Her Majesty's Revenue and Customs (HMRC) office.
HMRC Board member Dave Hartnett wrote an apology to all affected on the agency's Web site. "I would like to offer my personal apologies for any worry or concern this data loss may cause you. And I can assure you that all efforts are being made to ensure that such a loss can never happen again," he said.
All banks where information had been compromised had been alerted to the breach and put "safeguards" in place to protect those affected, Hartnett continued. He also vowed that consumers who were victims of fraud as a result of this data loss would not be held accountable.
About 7.5 million families in total are at risk, which could amount to as much as 40 percent of the entire population of the UK. It was not immediately clear if the data may include the same person multiple times, so the exact percentage of the population affected is not currently known.
HMRC was first alerted to the loss November 10, and after the discs were not found a police report was filed four days later. As of press time, the discs had still not been found although police had no reason to suspect they had fallen into the hands of someone with nefarious intent.
Nonetheless, the data loss has politicians up in arms. At a question-and-answer session of the House of Commons on Wednesday -- typically cantankerous as it is -- parliamentarians, especially those on the other side of the aisle, heavily criticized Gordon Brown, the UK prime minister.
Conservative leader David Cameron said that the government had failed to protect the public. "What people want from their prime minister on a day like this is to show some broad shoulders, be the big man and accept some responsibility," he was quoted by the BBC as telling Brown.
In his defense, Brown said he had ordered a review and gave his Information Commissioner the authority to order spot checks in the future to ensure such a loss does not happen again.
But it's not the first time the HMRC has had a problem with misplacing sensitive data. In September, a third-party carrier lost a password-protected disc with information on 15,000 Standard Life insurance customers.
Blimey!!!
Score: 0
Shiver me timbers, by your language I'd say you were involved.
Score: 0
I'm afraid not, me laddy.
Score: 0
Well, that's it then, scientific experiments for the lot of ya.
Score: 0
And now for something completely different.
Score: 0
All this from a British government obsessed with recording personal data.
Would you believe that they are also going to introduce identity cards - just think how juicy that information would be to fraudsters, gangsters, blackmailers etc etc etc etc etc
I thought Thatcher's government was terrible but this lot under Blair and then Brown are far worse! I deeply regret voting for them in 97.
Just on the CD thing - why was the information not encrypted first then it wouldn't really matter if they had gone missing either on CD or by sending them electronically. Seems mighty suspicious to me!!!
Score: 0
If you haven't realized, it's still not too late. The government personnel are not the brightest crowd.
Score: 0
Can someone please send me two CDs, with 25 million bank account details on them please - it would make xmas come with a smile....
Score: 0
Remember not to pick up the soap after you get put in jail, though*.
*unless you're gay, then be my guest.
Score: 0
I think I'll try to avoid the jail bit (and what happens inside), I just thought it was like a new government initiative to save money - just give everybody else's bank details out for the money, and keep all the taxes for the politicians, to bump up their pension plans
Score: 0
I wonder how long it will take till the files hit the internet :)))))
At my place, the full mobile phone company database with ID card numbers, birth dates, addresses and such stuff leaked on the internet four years ago
Score: 0
Of course few people (if any) are prepared to consider that the discs have not gotten into the wrong hands at all.
They have been lost (wow a huge bureaucracy manages to lose some documents/discs, who'd a thunk it?), for now, but that does not necessarily mean anyone has been 'compromised' or anybody's details or identity have fallen into the wrong hands at all.
Not that any of this kind of rational thought ever stopped the headless chicken tendency.
Carry on.....
Score: 0
It's possible either way.
"wow a huge bureaucracy manages to lose some documents/discs, who'd a thunk it?"
They were pretty important ****ing disks.
Score: 0
(wow a huge bureaucracy manages to lose some documents/discs, who'd a thunk it?)
Uh...those discs contain the personal information of 25 million people, 40% of the population...not some insignificant "documents/discs"...
Score: 0
"They were pretty important ****ing disks."
- Yes they are, of course.
What I'm trying to get at is that they can easily be mislaid (lost) somewhere in one of the more vast Gov building complexes
(have you ever seen the facility at Newcastle?)
without actually having gone away anywhere or 'fallen into the wrong hands'.
Score: 0
The discs were posted without being registered or recorded.
The discs were not misplaced or mislaid somewhere in a govt building and had actually left the building.
It took the Govt a month before they decided to tell the populace that important information including bank details of everyone who gets child benefit, as well as the details of those children.
Score: 0
"The discs were posted without being registered or recorded."
- No, that is not known beyond doubt yet.
But in fact (if they went out at all) they were taken by the regular courier that Gov used.
"The discs were not misplaced or mislaid somewhere in a govt building and had actually left the building."
- Unfortunately I think the whole point is that this cannot be actually proved.
"It took the Govt a month before they decided to tell the populace that important information including bank details of everyone who gets child benefit, as well as the details of those children."
- and?
Are you seriously suggesting that their first action ought to have been to alert everyone to the loss?
I'd say they acted perfectly properly in alerting the Police first (which they did, the Chancellor Alistair Darling alerted the Police on the 1st day he was told).
The Police in fact asked for time to search for the missing data before the public knew (so that if the disks had indeed been stolen, the thieves wouldn't know they were being hunted).
Nothing has been found yet, sadly however.
In addition, the banks wanted time to prepare their response (since bank details are amongst the missing information)... quite understandable after the panic with Northern Rock.
It would have been completely unwise to ignore requests from both the police and the financial sector, both of whom have a key role in preventing any damage being done if (and I emphasise that deliberately) the CDs have fallen into criminal hands.
There is still no evidence to suggest that this has happened, though.
Score: 0
Sorry - I disagree with your comments - just because the disks (so it turns out) never left the building - is irrelevant
there are common sense procedures in place - that a moron knows
you do not keep confidential information that is not encrypted
you do not put on to CD/DVD/USB without encrypting
you place controls in place to ensure transfer of confidential & sensitive information is tracked - and "not lost"
a 10 year old would know this - the fact that it is unlikely to have fallen into the wrong hands - doesn't matter
it shows that there are not tight controls in place and if there are, they are not being followed
I hope this is remembered the next time I go at 33 in a 30 mph limit, and get the full force of the law thrown at me - can I use the argument - "well it's ok - I didn't run anyone over"
the crime here is total incompetence, lack of process, and thoughtless control of confidential information - in any other private sector industry heads would roll - just because it's the government and there were no serious implications, doesn't excuse it
Score: 0
Oh ok...in that case, no problem then, it's ok that they lost unencrypted discs containing half their population's personal data...after all, they notified the police and listened to what they had to say. Great work, UK!!!
Score: 0
Hocuspokus
One can tell from your post how unbiased your opinion of a Labour government is.
Score: 0
Firstly the Govt. themselves have acknowledged that the data discs were sent unrecorded, Alistair Darling makes this very clear in his statement to MPs.
The Police were not called in until the 14th of November, almost a month after the discs failed to arrive at the NAO. Alistair Darling was told of the loss on the 10th of November.
Score: 0
I'm glad I don't live in the UK, this shows just how incapable the government is.
Score: 0
The United States has near 100% of its financial institutions that use an insecure number (SSN) as a method of identification for financial transactions.
This is a travesty. SSNs should not be used for anything other than Social Security: period.
Score: 0
Ha...I love how you people become so evasive of the issue and immediately go on the offensive to try to make the UK government look better...yet, nothing like this in the US has ever happened...40% of the population has been compromised?? That's insane...the funny thing is you people are so brainwashed by your government that you'll probably think it's no big deal.
Score: 0
"yet, nothing like this in the US has ever happened"??? Have you heard of identity theft???
Just because the organization lost the data, doesn't mean that some a**hole is going to use it for his own benefit. Although, in the US I guess it's hard to believe that someone who comes across a list of bank accounts may actually consider NOT ruining the lives of all those people.
Maybe the IT guys just forgot where they put those CDs.
Score: 0
Totally agree.
Privacy advocates (of which I am one) don't want an extra tracking number / extra attention from Big Brother, but the present situation is almost untenable.
Score: 0
US people? I'm trying to explain that eventually this will happen in the United States. It has already happened on a smaller scale with the TJ Maxx debacle.
No amount of technology or security will prevent it, either. Eventually someone will slip up and social security numbers will be public for every citizen of this country.
Score: 0
Identity theft...yea, that's the same as losing 40% of the population's information...
"Although, in the US I guess it's hard to believe that someone who comes across a list of bank accounts may actually consider NOT ruining the lives of all those people"
Yea...only angels live in the UK, nobody in the UK would actually consider becoming rich by selling other people's personal information.
Score: 0
"I'm trying to explain that eventually this will happen in the United States."
If the U.S. loses 40% of its population's information...then maybe you'll have a leg to stand on, right now you're basically just saying...
"It's ok, eventually another country will lose more personal information than the UK government did"...and then you single out the U.S., because no other government is capable of losing half its population's personal info. Oh wait, the UK gov't is perfectly capable of that.
Score: 0
Dang, the population there is a lot larger than I thought! I'd love to see multiple identity fraud instances w/ Philip & Elizabeth Windsor.
Score: 0
I'm tempted to mention that Windsor isn't really their name, the ruddy Germans.
Saxe-Coburg-Gotha
They changed it during WW1 if I remember rightly, because they thought it wouldn't look too good having a German monarchy.
Score: 0
¡Das ist richtig!
Und I believe Philip is actually of Greek extraction...
ehh, as you know-- all European monarchy is cross-bred & related, no matter which country they're in...
...blue, blue my heart is blue,
blue is my heart-- because of incest....
Score: 0
"I believe Philip is actually of Greek extraction..."
- He's also of German descent too.
All that inbreeding don't you know, what what?!
Score: 0
And maybe Danish....let's give the commoners a little bio:
Born Prince Philip of Greece and Denmark at the Greek Royal residence of Mon Repos on the island of Corfu on June 10 1921, Philip was instantly fêted by his family as a future hope of one of the world’s most celebrated Royal dynasties. His father, Prince Andrew, was the grandson of King Christian IX of Denmark, while his mother, Princess Alice of Battenberg, was the eldest child of Prince Louis of Battenberg, and sister to Earl Mountbatten of Burma. Yet for all the privileges enjoyed at the start of his life, the young Prince’s early years were to prove anything but easy. The idyllic island life lasted a mere 18 months.
By the mid-1920s, the Greek Royal family was facing a fundamental threat to its future existence. When a revolutionary court sentenced Prince Andrew to death, he, his wife and their five children had little choice but to try to flee their home as quickly as possible. Fortunately, King George V had from London kept himself fully apprised of the situation. The King despatched a Royal Navy warship to evacuate the family just a day after the trial. It was a life-saving act of kindness and Royal solidarity that the family never forgot.
Having escaped from Greece, the family settled at St Cloud, a modest villa on the outskirts of Paris which belonged to Marie Bonaparte, Prince Philip’s aunt. This drastic and traumatic change in circumstance did, however, serve to open up a rift between Prince Andrew and Princess Alice from which they never recovered. The Prince’s mother experienced a nervous breakdown, widely believed to have been catalysed by the myriad stresses and strains of the family’s dispossession, and the couple separated in 1930.
Once again, the British Royal Family took it upon itself to assist its relations. Princess Alice’s father, Prince Louis of Battenberg, had become a naturalised British citizen in 1868 and had married one of Queen Victoria’s granddaughters. Philip’s grandmother, the Marchioness of Milford Haven, had grown exceedingly fond of her blond-haired little grandson, and helped persuade his mother that an English education would provide him with not only a sense of stability, but would also be the best possible preparation for life as a serving member of Royalty. Accordingly, the Prince left the American school which he had attended at St Cloud and began his English education at Cheam, the celebrated Surrey preparatory school.
Happily, Cheam proved an excellent choice. Prince Philip enjoyed his time there immensely, especially on the sportsfield. When the moment came to look around for a suitable secondary school, his family decided that, in the interests of providing him with a truly international education, the Prince should experience academic life in another country. With this in mind, Philip was sent, at the age of 12, to continue his studies at Salem, a school in Southern Germany which belonged to one of his brothers-in-law. The school was supervised by the celebrated educational pioneer Kurt Hahn, a man who was to have a profound effect on Philip’s intellectual and emotional development.
Once again, however, politics conspired to alter the Prince’s life dramatically, and it was not long before he found himself on the move again. Not long after the National Socialist party came to power in Germany in January 1933, Hahn realised that he would not be able to continue his educational work under so repressive and dangerous a regime. In 1934, he moved his base to Scotland, where he founded Gordonstoun, the innovative public school which impressed Prince Philip to such an extent that he went on to send all three of his sons there – in Prince Charles’s case, not entirely happily.
Score: 0
A noble Englishman told me the whole story about the German and Danish link this year. He said that many European monarchies have ancestors from the Danish kingdom :]
Score: 0
God you're quick with the news on this one aren't you? [sarcasm] And what the heck is a story like this doing being posted on a site like this? What relevance does this particular story have being posted here? Just because the information was on two discs? [laughs]
While this is a serious news story, what a joke posting it here of all places. [tsk]
Score: 0
It's a big technological blunder.
The biggest, apparently.
The information wasn't encrypted.
It was a database that is held on a computer system.
There were permission errors.
How much more technological do you want this story to be?
Score: 0
It isn't a technological blunder. [laughs] It's a humungous administrative error, in that the information was put onto discs and then sent via Royal Mail - both of which should never have happened.
Score: 0
Actually Mr Darling told MPs: "Two password protected discs containing a full copy of HMRC's entire data in relation to the payment of child benefit was sent to the NAO, by HMRC's internal post system operated by the courier TNT."
Score: 0
You are right. We need more blu-ray and HD-DVD fanboi wars on betanews.
Score: 0
I bet, if it was the US government that had this kind of screw up, your post would be completely different...
Score: 0
Okay I stand corrected then - they _were_ password protected discs. So what? That makes it a tech story? Uh I don't think so.
And so it was sent by Royal Mail via a sub-contractor in the form of TNT. So what? That doesn't make it a tech story either.
The only way you could turn this into some sort of vaguely tech newsworthy story would've been the ID card angle - if the UK government can't handle our information sensitively and securely, then how can it hope to introduce ID cards. But that angle wasn't even touched upon so it's _STILL_ a non-tech story this, whichever way you look at it.
Score: 0
No - see my answer below fool.
Score: 0
Royal Mail played no part in it.
Score: 0
Your opinion is exactly that.
"If the UK government can't handle our information sensitively and securely, then how can it hope to introduce ID cards"
With the amount of information that can be collected about people, doesn't that itself give a good enough reason to have ID cards ?
Score: 0
Woah woah woah! That is NOT my opinion - you do not KNOW what my opinion is. Re-read what I wrote duma55.
"The only way you could turn this into some sort of vaguely tech newsworthy story would've been the ID card angle - if the UK government can't handle our information sensitively and securely, then how can it hope to introduce ID cards. But that angle wasn't even touched upon so it's _STILL_ a non-tech story this, whichever way you look at it."
This whole story is REALLY making me mad!
Score: 0
I've done a bit of research and I think you're right there - my mistake and apologies.
Score: 0
Being that it's about digital data, the privacy of digital data, the data protection act specifically, the database security setup, the lack of a competent DBA, the lack of properly employed encryption as mandated by policy, how is this NOT a tech news story??
Score: 0
Goodbye ID cards, goodbye biometric measures. If someone has these disks and wants to use them, they would not do it now, they would wait until the heat is off. You would not try to access bank accounts. With this information, you could buy a few houses here and there, book a few holidays and spend like it isn't your money and let the owners pick up the tab. By the time these actions come to light it's old news and the government will say "not our problem". What is more embarrassing is to find that ministers are claiming support. Hmm ... let's have a look.
Score: 0
How many times have you ever gone into a public office, and had to deal with incompetence from civil servants? Council workers are notorious for being the type of people who wouldn't be employed in industry doing the same job because of their inability to perform. The government, while ultimately responsible, cannot hold their hand all day every day and has to rely on senior management to ensure rules and guidelines are followed. This coupled with incompetent managers who have worked there all their lives and have worked their way up from the tea maker doesn't inspire confidence.
At issue here was that the 2 disks were posted unrecorded and unregistered and ultimately didn't reach their destination. And without a signature this means the numpty who took the mail can lose it without any repercussions on themselves. This is in violation of internal rules and was caught by the government policy for reporting such events.
So how is this the fault of the prime minister ?
He needs to come down on the department like a ton of bricks, he needs to fire up management to earn the money they get paid, and bite the bullet and start to discipline incompetence in the same manner as in industry and get rid of people who can't do their job.
It will remain the last bastion of incompetence working for any government/council. And I doubt it will ever change.
http://news.bbc.co.uk/1/hi/uk_politics/7103566.stm
Score: 0
There is something more, hidden from the general public, going on about all this. Data doesn't and can't get lost like that. Telling that a bunch of discs got lost is pretty silly, although the vast majority of people surely believe that's possible and logical, well it's just not.
At the very least any government offices and agencies surely have some sort of backup and redundancy. At the very least there exist multiple copies, it's common to have 3 backups stored in different places and levels of security that get updated daily or weekly, at least. So, what are they talking about? And what is really going on?
And not talking about all the RAID solutions beyond simple RAID-5 and RAID-6 levels when using many server racks with thousands of hard disks connected thru high speed fiber channel connections..
Score: 0
"At the very least any government offices and agencies surely have some sort of backup and redundancy."
Of course they do.
This was the backup that they lost.
They still have the database, it's just that now someone else has it too.
Score: 0
It's not that they lost the data completely (they didn't), it's that a copy of the data went missing when it shouldn't have been posted in the first place (not to mention that it shouldn't have been burned onto a CD in the manner that they did). They still have the data, but the copy has gone missing.
Score: 0
Huh? They didn't actually completely LOSE the data...the problem is someone else has a copy, how would you feel if someone out there had all your information? Address, bank accounts, names, phone number...pretty much everything they need to take your life away. Would you say "oh, it's ok, the government still has a copy of my data"?
Score: 0
At least the bloody stupid ID card idea will get ditched.
I know it's a cliche, but "Don't put all your eggs in one basket".
In particular a basket that can be duplicated onto a couple of CDs.
Score: 0
On the contrary, they're now claiming that this proves that we need an ID card system so that people can prove their identity. A skeptic might be forgiven for thinking that the whole thing was engineered by the Govt. to reinforce their argument.
Score: 0
You'd think they would store these in special rooms, Mission Impossible style...?
Score: 0
It's refreshing to know that the British government is as useless as ours in the U.S.
Score: 0
You're directly descended, we sent the stupid Irish on a boat to find Columbus and sent the convicts to Australia to develop a dollar with value worth stealing.
We're all bonkers over here ... hell we even invaded Iraq because Bush told us he had a really sharp envelope opener.
Score: 0
Oh don't worry, the British government isn't quite as useless as yours in the U.S. - trust me on that one. [laughs]
Score: 0
Oh dear, the civil service these days obviously isn't what it used to be, old chap.
Score: 0
Oh for the record - how many times have we read of government laptops being lost and stolen - without being encrypted !! - has anyone ever been reprimanded over why they are not using secure devices ?? - tut tut
Score: 0
Nothing surprises me involving UK government departments - they spend too much time patting each other on the back, and awarding themselves pay rises, most should try getting a job in the private sector - they would be sacked for gross misconduct for offenses like this, instead of hiding behind the government brick wall, and then wondering why the public mistrust government officials, - if I worked for a private company and lost all our data, I'll probably be sacked on the spot - let's wait and see how many senior > £50k year salaried jobs get sacked here ,,,, how's the fishing industry doing these days ....
Score: 0
Actually, the Chairman did resign over this, which I thought was unfair. There's no way he's actually responsible for every single action of every single member of staff.
The person who made the mistake in doing this should be the only one held responsible.
Score: 0
No, but he is responsible for the lack of a strong enough system to prevent completely an individual or small group of individuals causing such a monumental security and policy breach.
I do think it's unfair that they just get to resign, and some other poor sod has to try and clear up their mess, they should be forced to be involved, under close supervision.
Score: 0
Kiddo - learn a thing or two about corporations and agencies before posting...
Score: 0
Roll on the next election.
It may not make any difference, of course. But it surely can't be any worse than the bunch of clowns we have at the helm at the moment.
Score: 0
What difference would that make? We have Brown from Labour and a populist puppet from the Conservatives. An election would make little difference, aside from the off chance that the Lib Dems get more power to pressure the first two.
Score: 0