An interesting news item from cnet this morning: the British Government has fessed up to losing “two discs containing the details of everybody in the U.K. who claims and receives child benefits.”cnet story here
While it never specifies what kind of disks these were, I’m assuming CDs or DVDs. It’s interesting to note that, according to the article, the disks (or possibly the files they contain) were password-protected, but not encrypted. They were supposed to be couriered from one location to another for auditing and never arrived. So a second set was sent and that set did arrive. The scariest part was that the higher-ups didn’t even hear about the incident till 3 weeks after the fact.
Now, I’ve never dealt with 2 disks full of people’s Social Security Numbers, social security account balances, etc., but I’d like to think that if I lost one I’d have enough courage to fess up ASAP. On the other hand, knowing the magnitude of just such a mistake, I tend to think anyone would try to collect at least one more paycheck before moving into their cave down by the Thames.
On the other hand, the pollice and other officials are saying there’s been no sign of fraud, so there’s no reason to assume these disks have fallen into the wrong hands.
In any case… if you made a mistake of this magnitude, would your first response be to bring it to someone’s attention, or would your first response be to bury it? Be honest… the world is watching. 😉
DougHughes.net 
Comments on: "UK Government Messes Up — But It Could Happen Here!" (5)
It had to be brought to people’s attention since it wasnt just their details with the government but also a lot of bank account details.
This is a disaster for the government as they were making noises about introducing National Identity cards. Of course, now that isn’t going to happen, since they can’t be trusted with our information!
Another aspect of it is that it breaches the Data Protection Act, so if it was a private company, the person that was responsable (higher up or minion) would go to prison, but because its the government they just get to say “Doh!” and “Ooops!”
LikeLike
I agree with Mark that this will be a nail in the coffin of the ID card scheme here. What I find most incredible about this whole affair is that someone was actually able to put the entire database unencrypted on a couple of discs – since this is not only illegal but highly unsafe, you’d imagine that there would be failsafes in place to prevent this from happening.
LikeLike
if it was me I would have just kept quiet, and then if it made the news because of mass fraud starting to happen and i was asked about it then I’d say “oh yeah, thats right it could be the discs I lost, I lost 2 a while back but i resent them and the copies got there, sorry about that
so.. do you like stuff?”
LikeLike
@john: is that any way to hit on single mothers?
LikeLike
I have no illusions that private data in the US is any more secure, or that similar folks on our side of the pond as the dude who put that data on the disks are any less boneheaded. The thing that gets me is that “everyone in the country who gets child benefits” could FIT on 2 CDs!
Hell, even if they were DVDs… we’ve got 300 million people over here, I doubt that the Social Security Administration’s Access database would fit on 4 DVDs… they’d have to send a removable hard drive or something.
It’s an amazing thing, seeing those tasked with looking out for the best interests of a people to do something so blindly stupid. Amazing and scary.
LikeLike