Two CDs containing names, addresses, bank details and other personal information, have gone missing in transit between HM Revenue/Customs and the National Audit Office. My information is on one of those CDs and so is data belonging to many people reading this.
The Questions That Must Be Asked:
- Why was the data not encrypted? No-one has actually come out and said that it wasn’t encrypted, but you can be sure that if it was, then we’d hear “Relax, it was encrypted, no need to panic…”. Instead, there have been references to “password-protected”, which I’m guessing is a euphemism for “insufficiently strong encryption”.
- Why did a “Junior official” have access to the entire Child Benefits database? If this was the case, then an unscrupulous employee could easily sell this type of information on the quiet too…
- Why do these two government departments need to use the “CDs through the post” approach for data transfer? That is risky, old-fashioned behaviour. The data can’t actually be all that large: perhaps a few tens of megabytes. Send it over a properly encrypted network connection and you don’t have to worry about CDs, couriers, transit delays/loss.
- With this and the Northern Rock fiasco, how much longer will we expect Alistair Darling to remain as Chancellor?
And of course, there is a huge risk of a similar incident happening again with the proposed National ID Card Database, which is why it must be stopped.
I was listening to Radio 5 on the way home from work, and they had someone on who said that the information definitely WASN’T encrypted.
Permalinksheepeatingtaz: Doesn’t surprise me, at all. When the revolution comes, we’re gonna need a bigger wall….
PermalinkAlisdair Darling was on the radio this morning (Radio 4) saying how his confidence in the system was shaken (same as the rest of us then). I’m pretty sure that in the old days, if a department screwed up on that scale, the minister offered to resign.
So that’s Northern Rock and an entire database going missing… what else could go wrong?
Permalinknetworked transfer – hmm that’s involve a big scary HMG network…oh actually never mind that would be a BIG IT project, no chance of that every getting done (enough problems with NHS-IT network thing). 😉
Permalink