HM Revenue and Customs (HMRC) suffered seven breaches of data security since 2005, not including last month’s loss of 25 million child support records, the department’s acting chairman has admitted.

Such losses represent a “systemic failure” in security at the department, according to Dave Hartnett, who took over when Paul Gray resigned over last month’s lost discs affair.

“There have been seven breaches of some significance,” Hartnett told the House of Commons’ treasury sub-committee last week. “We reported them to the Information Commissioner.”

Further cases of public information lost by other central government departments have also come to light since the HMRC fiasco, Information Commissioner Richard Thomas told another Commons committee last week.

“Quite a number of public and private sector organisations have told us they think they have found a problem,” he said.

Thomas also described the HMRC discs affair as “the worst we have encountered” and said the fact that the data was not encrypted called into question the security of the entire system of data sharing in Whitehall.

Thomas reiterated his call for a wider remit for the Information Commissioner’s Office (ICO) ­ including the power to make spot checks and to prosecute breaches of the Data Protection Act as a criminal offence.

The watchdog is also appealing for more money. The ICO total budget is £10m ­ compared with £890m for the Health and Safety Executive and £143m for the Food Standards Agency.

A sliding-scale fee increase would provide more revenues. But Thomas also wants extra government backing because the ICO has to oversee both freedom of information and data protection laws.