From the annals of incredibly stupid things to do comes this one from the UK. Evidently someone (a junior official who’s probably been sacked by now) from the Revenue & Customs office thought it’d be a good idea to burn their database of people to a couple compact discs and send it off by unregistered post to the National Audit Office. The CDs contain personal records, “including their dates of birth, addresses, bank accounts and national insurance numbers“. The link also has video of the Chancellor speaking.
This points to a lot of concerns people have about their private data. Similar things have happened in the US – my parents were sent a letter by their mortgage company a few years back saying that a box of data reels containing more than one million entries on loans had been ‘lost.’ My folks were given ONE free credit check and then told to closely monitor their accounts for the next seven years.
An update tells us that the R&C thought it would be too expensive to remove the personal details not needed by the NAO.
(image from mutednarayan)
I’m unconvinced by the “junior official” line. A junior should not have had the authority to download the whole database in the first place. There’s a senior official lurking in this story somewhere who either authorised the download, or who mis-set the permissions on the database, or who did the download and gave the data to a junior for posting.
The official story stinks of scapegoating (among other bad odours).
You’d be amazed at what people have access to, even at low levels. I was a summer temp worker at a mortgage company with no experience and no reason to be trusted and had access to thousands of credit reports and personal information.
On the other hand, it does seem rather convenient to have an unnamed ‘junior official’ be the culprit. It’s probably more like he asked his boss, who threw some glib comment to make him go away, and the rest is history.