Revenue blames ISP for security breach
The security hole that forced the Inland Revenue to shut its self assessment online service this week is believed to be have been caused by a single internet service provider.
The Revenue suspended the service, which is used by around 75,000 people, earlier this week after users reported seeing information about other taxpayers.
And now the government’s e-envoy Andrew Pinder revealed the problem seems to lie with the users of one unnamed ISP.
‘The Revenue has to answer this themselves, but what appears to have happened has occurred on one day with one ISP and how it interacted with the Revenue. It is unusual and we are not very happy about it,’ he said.
A spokesman for the Revenue said: ‘We do not disagree with Mr Pinder but this is subject to an ongoing investigation. We want it back online as soon as we can but the security of our customers’ data is of paramount importance to us.’
The breach is yet another IT embarrassment for the government as SA Online was delivered late and was then backed by a £1.9m advertising campaign following its launch in 2000.
It may also damage the government’s targets of getting individuals to file tax returns online by 2010.