Over and over and over and over….
It happens over and over again. Today the BBC reported that Her Majesty’s (HM) Revenue and Customs has lost the bank details of 15 million(!) child support recipients, apparently that’s all of them. The story is probably going to develop over the coming days. Our government seems to be good at using technology badly. My question, how are the public supposed to have any confidence in government IT systems, some of which have web interfaces, when these situations seem to be becoming so commonplace? Listed are some of the other security bungles that have caught my attention recently:
- “New intelligence chief reveals all on website“, 16 November 2007
The most senior British intelligence official, appointed yesterday to oversee MI5, MI6 and GCHQ, has a website revealing his home address, phone numbers and private photographs of himself, family and friends. - “Foreign Office web security failed Data Protection Act, says info office“, 13 November 2007
The Foreign Office has promised to keep data safer in future, after its website exposed the details of those seeking visas for entry into the UK. An investigation by the Information Commissioner’s Office (ICO) found a breach of the Data Protection Act. - “Lost CD may put pension holders in peril“, 5 November 2007
Thousands of customers of UK insurer Standard Life have been left at risk of fraud after their personal details were lost by HM Revenue & Customs (HMRC). - “DWP loses £2.5bn to fraud and errors“, 26 July 2007
Department of Work and Pensions. About £2.5bn was lost to fraud and error in benefit payments over the last year …The report identifies limited IT integration as one reason for the high level of error. - “DoH’s latest d’oh!“, 26 April 2007
Department of Health (DoH) has apologised for its latest IT blunder – publishing private details of applicants for junior doctor posts on an unsecured website.
Now… anyone for an ID card?
Update 26 November 2007: The total turned out to be “records for 25 million individuals and 7.25 million families”.
Update 20 December 2007: DH found guilty on MTAS data protection breach – “The Information Commissioner requires the DH to sign a formal undertaking to comply with the principles of the Data Protection Act.” Weren’t they already required to do so by law? Will yet another document make any difference?
Posted on Tuesday 20 November 2007.
Leave a Reply
Categories
- @media
- accessibility
- Ajax
- apple
- BeBettr
- books
- browsers (UA)
- charity
- cognitive
- creativity
- css
- css3
- design
- development tools
- education
- employment/experience
- gadgets
- health
- html5
- images
- iPad
- iPhone
- layout
- marketing
- notes
- politics
- privacy
- security
- social
- typography
- Uncategorized
- usability
- wtd2010
Archive
- February 2011
- January 2011
- November 2010
- September 2010
- August 2010
- July 2010
- February 2010
- January 2010
- October 2009
- September 2009
- July 2009
- June 2009
- May 2009
- September 2008
- June 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- April 2007
- March 2007
- February 2007
- January 2007
