Red faces as government laptop goes missing

High value data stolen

Written by Iain Thomson

vnunet.com, 08 Oct 2007

A laptop containing details of customers at banking institutions has been stolen after a member of HM Revenue and Customs (HMRC) left it in the boot of his car.

The computer contained records from finance houses revealing the identity of high value customers who had invested in Individual Savings Accounts, according to research by the BBC.

“We very much regret the loss of some customer data provided to us by a number of financial institutions," said a spokeswoman for HMRC.

"The incident has been reported to the police and we are carrying out an urgent internal enquiry. HMRC places the utmost importance on the security of confidential material and we have in place very clear processes governing the handling of such material.”

She explained that the laptop was password protected using a complex code and that the data was locked with high-level encryption.

"It looks like the HMRC has put in place numerous types of protection which has ensured that the data on this laptop cannot be used by fraudsters," said Philip Wicks, a security consultant at Morse.

"However, this incident once again highlights the need for organisations to think long and hard about the data they allow employees to take offsite on laptops and mobile devices.

"Organisations should have policies and procedures in place that dictate what information can and cannot be taken off the premises."

The laptop was stolen when a member of HMRC was doing a regular audit of the banks' information on 20 September. This involved checking the details of current account holder information against records.

"By taking full responsibility for this loss, HMRC is a perfect example of the rapidly changing attitude to data breach disclosure in the UK," said Jamie Cowper, director of European marketing at enterprise data protection firm PGP Corporation.

"With top-level encryption making it virtually impossible to access the data on the laptop, HMRC had no real obligation or reason to report the breach.

"As such, this voluntary disclosure shows a refreshing level of ethical responsibility and commitment to its customers."

HMRC has advised the banks to notify their customers immediately.

Enjoyed this article? Help spread the word:

Comments

Reader comments for this story
Post your comment Post your comment   What is this?

Also read

Related articles

White papers

Related jobs

Most read

Most commented

Special Reports

Latest

Spotlight

Richard Solomons, FD of Intercontinental Hotel Group

Profile: Richard Solomons, FD of InterContinental Hotel Group

Richard Solomons is masterminding Intercontinental Hotel Group's strategy of ownership,...

PwC 10-year anniversary special report

Relive how the controversial mega-merger of Price Waterhouse and Coopers...

Make partner fast with YP

The latest edition of Young Professional features our definitive guide...

Find your next job

Find your next job
Solve your clients debt problem with a ClearDebt IVA
Salary Checker

Newsletters

Sign up here for the very latest news delivered to your inbox. Choose from the following options:

Search white papers

Search white papers

Have your say

THE BIG QUESTION: IS FAIR VALUE REALLY FAIR?
Fair value accounting has attracted a lot of criticism, but is it actually fair?
Yes, it's better than any other method available.
No, it's caused too much trouble. Get rid.
It's promising but could work better with modifications.

Job of the week

More finance jobs...

Your next job