UK Tallies Potential Disk Damage

Lost disks could result in more than $3B in losses, pols warn

November 29, 2007

3 Min Read
NetworkComputing logo in a gray background | NetworkComputing

The lost disks at the center of the U.K. government's massive data breach could be worth more than $3 billion if they fall into the wrong hands, according to British politician Vincent Cable.

The acting leader of the U.K.'s Liberal Democrat party issued the stark warning today during a heated House of Commons debate, as shock waves from the country's largest ever data breach continue to rock Gordon Brown's government. In the hands of criminals, the disks, which contain the personal details of 25 million people, would be a license to print money, warned Cable.

The information has "a criminal value of something in the order of 1.5 billion ($3.1 billion), which makes the Brinks Mat robbery rather the equivalent of robbing the church collection," said the politician, according to a BBC report. He was referring to a 1983 heist when thieves made off with £26 million ($54 million) worth of gold bullion.

On the black market, the lost identities could be worth around £60 pounds each, explained Cable, warning that an "enormous amount" of personal data is now at risk.

The U.K. government is still reeling from the data breach, which has already led to the resignation of HMRC chairman Paul Gray. Both Prime Minister Gordon Brown and Chancellor of the Exchequer Alistair Darling have issued apologies for the incident.Although a major police effort is underway to retrieve the disks, the lost media have forced millions of U.K. bank customers to carefully monitor their accounts.

The disks, which contain welfare information on almost half the population, went missing last month when Her Majesty's Revenue and Customs (HMRC), the U.K.'s equivalent of the IRS, sent the disks to the National Audit Office (NAO).

Although password-protected, the disks are apparently unencrypted, and include the details of millions of benefits recipients, as well as the names, addresses, and dates of birth of most U.K. children.The disks also contain bank account details for millions of parents and guardians, as well as national insurance numbers, which are similar to U.S. Social Security numbers.

Such is the scale of the snafu that credit checking firm Experian warns that millions of children could be at risk of fraud for years. Fraudsters may even wait until children reach 18 before applying for credit cards in their names, according to media reports.

At this stage, there is still no indication that the disks have fallen into the wrong hands, according to government officials.A statement on the HMRC Website says that the data "is likely to still be on Government property," although its actual location remains a mystery.

"We continue to urge customers to do the simple security checks," wrote Sandra Quinn, director of communications at the Association of Payment Clearing Services (APACS), a U.K. banking trade body, in a statement today. "This includes checking their statements or balance regularly, opening all post and disposing of it all with care.”

To make matters worse for the government, the HMRC recently lost another six disks, according to a weekend BBC report. The disks, which went missing between HMRC offices in northern England and London, reportedly contained recorded conversations between an HMRC staff member and a customer making a complaint.

Read more about:

2007
SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights