Data on half of all Britons disappears
It was a civil servant’s simple mistake, but the consequences could be vast. Two computer disks bearing addresses, bank account numbers and other details of about 25 million people - almost half the British population - were popped into internal government mail and never arrived.
The government says there is no sign the data has fallen into criminal hands. But technology experts and civil libertarians say the security lapse spotlights the risks we take in entrusting personal details to governments and large institutions.
“I profoundly regret and apologize for the inconvenience and worries that have been caused to millions of families,” Prime Minister Gordon Brown told the House of Commons yesterday. “We have a duty to do everything that we can to protect the public.”
The disks disappeared while being sent by internal mail from the tax and customs department to the government’s audit agency. They contained names, addresses, birthdates, national insurance numbers and, in some cases, banking details for 25 million adults and children.
Treasury chief Alistair Darling said the disks held information on the 7.25 million families in Britain claiming a child benefit - a tax-free monthly payment available to everyone with children. He said the delivery had not been tracked and the disks were missing for three weeks before the alarm was raised.
The disks were password protected, but the information on them was not encrypted.
Darling, who disclosed the breach to shocked lawmakers Tuesday, called the lapse “catastrophic.”
“I can well understand people’s anxiety and anger that this has happened. It should never have happened, and I apologize unreservedly for that,” Darling said yesterday.
Technology experts said they could not recall a loss of data on this scale in Britain. They said it showed fundamental flaws in the government’s plan to keep more information about citizens on centralized databases.
Projects in the works include a national medical records database and biometric identity cards for all citizens.
“It’s impossible to control this much data,” said Guy Hosein of watchdog group Privacy International. “Whenever you collect information and keep it centrally, it will be abused, it will be lost.”
Conservative Party leader David Cameron said the breach should make the government reconsider its ID cards plan.
“People are desperately worried about the privacy of their bank account details and their personal details,” he told Brown in the House of Commons. “They will find it truly bizarre, they’ll find it weird, that frankly you don’t want to stop and think about the dangers of a national identity register.”
Brown said the ID card plan would go ahead, with “the biometric support necessary so people can feel confident that their identity is protected.”
Darling insisted there was no evidence criminals obtained the lost data, and said the police were hunting for the missing disks. He said banks have been told to look for signs of suspicious activity.
:
There have been several cases of major data theft from companies in the United States. TJX Cos., the operator of T.J. Maxx and Marshalls stores, disclosed in January that a data theft had exposed tens of millions of credit and debit cards to potential fraud. “The difference is, this is information you are legally compelled to give to the government,” said Privacy International’s Hosein. “You are not compelled to be a customer of T.J. Maxx.”
-AP News
