When privacy advocates try to imagine their idea of the worst possible data breach, I doubt they could think up this catastrophe.
Last month, a British government agency, Her Majesty’s Revenue and Customs, lost a copy of the records for over 7 million families, or 25 million individuals, who receive child benefits.
Diskettes with the records were apparently sent by in-house courier across London – breaking departmental standards – and were never received.
The diskettes included a trove of information, including names, addresses and dates-of-birth of the children, and their national insurance numbers. Some of the records may have included the bank details of parents claiming child benefits.
As a result, Paul Gray, the chairman of HM Revenue and Customs, resigned.
It appears several HMRC protocols were broken:
- the data records, while password protected, should not have been shared in the format used;
- when the data was shipped, no record was made of its departure, and no proof was required of its delivery; and
- senior management was not informed of the loss for another three weeks.
The impact – even if the records are found to have been simply misplaced and their delivery unrecorded in some sub-office – has been profound.
Child benefit recipients are having their accounts monitored for signs of fraud.
Financial institutions across the country have had to begin reconstructing transactions completed since the data breach to make sure fraud hasn’t already taken place. This is a costly and time-consuming exercise.
The sheer scale of the data lost is staggering. The fact that a junior official apparently had the access to this information is disturbing – but that official’s apparent disregard for the security of such a vulnerable population is shattering.
The message for governments everywhere is clear: even in an organization clearly aware of the sensitivity of its data holdings, even with management dedicated to organizational efficiency and responsibility, the security of vital personal data cannot be taken for granted.
A failure of apparently rote safeguards, process or procedure can have potentially devastating consequences: for vulnerable populations, for their families, for civil servants, and possibly for governments.