Skip to main content

Apology as data on millions lost

  • Story Highlights
  • Personal, banking information of half of UK's population was on lost disks
  • Disks were missing for 3 weeks before being noticed, Treasury chief says
  • Customs and Revenue chief resigns over error
  • Treasury chief insists no signs of criminal involvement
  • Next Article in World »
Decrease font Decrease font
Enlarge font Enlarge font

LONDON, England (CNN) -- British Prime Minister Gordon Brown apologized Wednesday for the government's loss of two computer discs containing the personal data of 25 million people, saying there was no excuse and promising a review of data procedures.

The two discs contained the department's entire database relating to the payment of child benefits -- a tax-free monthly payment available to everyone with children -- Treasury chief Alistair Darling said.

The data on 25 million individuals and 7.25 million families, includes names, addresses, dates of birth, national insurance numbers, and, in some cases, bank account details.

The loss became public Tuesday and prompted the resignation of Paul Gray, the head of Revenue and Customs, which supervises taxation and welfare payments.

"I profoundly regret and apologize for the inconvenience and worries that have been caused to millions of families who receive child benefit," Brown told the House of Commons.

The loss happened in October, when a junior Revenue and Customs official downloaded the data onto two password-protected discs and sent them via internal mail to another, Darling said.

The package, which was not registered or recorded, never arrived.

Although the CDs were mailed October 18, Darling said, the loss wasn't reported until November 8.

An internal search followed but failed to turn up the discs, Darling said. He then asked London's Metropolitan Police to help, and notified banks of the data loss, before informing the public on Tuesday, Darling said.

Darling said there is no evidence the data has landed in the hands of criminals, and no evidence of fraudulent activity with the lost data. Still, he said, the loss "should never have happened."

"It shouldn't have been possible for someone to have downloaded all this information, put it onto discs, put them in a post bag that simply wasn't marked or recorded," Darling told ITN.

Brown said he is asking all departments and agencies to check their procedures for storing data, and they would now be subject to spot checks of those procedures.

"In other words, we will do everything in our power to make sure data is safe," Brown said.

Darling also promised the fiasco would prompt a change and strengthening of rules to ensure sensitive data is not mishandled.

While banks would continue to monitor the affected accounts, the government and experts said the public should check their financial statements vigilantly and be alert to credit fraud.

advertisement

"The information that has gone missing isn't enough in itself to allow fraudsters to access your bank account," said Mark Bowerman, a spokesman for APACS, a trade association for payment services.

"But what we are saying is that we realize that some people may use date of birth (or) sons', daughters' names as passwords. If you are one of those people, then you should think seriously about changing those passwords." E-mail to a friend E-mail to a friend

All About United KingdomBusinessScience and Technology

  • E-mail
  • Save
  • Print