Greyscale backing image

The great data disaster of 2007

Written by

Posted on 2 Comments

[Dave Birch] Half way through the Digital Identity Forum yesterday, the session chair announced (hot from his Blackberry) that the British government — specifically, the Child Benefit Agency — has lost the personal details of every parent in the country and as a result someone has resigned. I haven’t had the energy to try and figure out why on Earth in 2007 government departments would be posting CDs to each other rather than using PGP or S/MIME on the interweb, but there you go. Anyway, by this morning there was an identity theft media frenzy never before witnessed in our green and pleasant land. I woke up to breakfast TV in the hotel and every channel was leading with the story. I’ve just seen the Chancellor of the Exchequer being interviewed on Sky and I actually felt sorry for him: some of the questions were ridiculous (eg, won’t the fraudsters wait a few years before they obtain credit cards in our children’s names). For a more measured response, see here: Forum friend Ian Brown was whisked away from the Digital Identity Pub Quiz to appear on BBC’s Newsnight.

Technorati Tags:

I’m not panicing, of course. For one thing, the government has set up helpline (0845 302 1444). Phew! For another, any dedicated identity fraudster desperate to get hold of Child Benefit Records would have done so already and the chances of them having been stolen by opportunistic identity thieves is (to my mind) slim. If I were a betting man, which I’m not, I’d bet that the missing CDs are down the back of the metaphorical sofa somewhere. This is not to minimise the issue: personal details shouldn’t be being passed around in the clear. But the chances of anyone being a victim of identity theft because of this kind of data breach (if it was a data breach), frankly negligible. The biggest victim, in my opinion, will be the UK’s national identity card that is just about to go to procurement: I imagine their press office will be busy today.

Some background for our foreign visitors: for reasons not entirely clear to me, the British government sends you cash every week if you have children. This is called Child Benefit. In order to waste as much money as possible, instead of simply raising the tax threshold for me and my good lady wife, the government takes the money away from me each month and then sends most of it back to my bank account via the Child Benefit Agency, which is part of Her Majesty’s Revenue and Customs. It was a junior person at the Agency who took all of the records, put them on two CDs and posted them to oblivion.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]

2 comments

  1. Hi Dave, have posted more on this on my blog. The crux for me is this:
    The issue is for other people’s security systems not for me! For example – someone could apply for a credit card or some such with ‘my’ details. Great. They could apply for it. Not me. They are responsible for any bill racked up on it. Not me. So the problem is for the system which makes knowledge of a few social details about me its dirty big key. They are making a few social details equivalent to my identity. Mistake.

    Reply

  2. David, if someone does apply for a credit card with your details, the chances are that they won’t pay the bill and it will be you that will be chased for payment. Ultimately you probably won’t have to pay either but you will face the hassle factor of proving that it wasn’t you and sorting out the damage to your credit rating. Sure, you still have your identity and the bank or credit card company will be landed with the bill but you still end up with a problem, if only one of inconvenience.

    Reply

Leave a Reply to david cushmanCancel reply

Discover more from Consult Hyperion

Subscribe now to keep reading and get access to the full archive.

Continue reading


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.