A solicitor from Wolverhampton warned today that fraudsters could get easy access to the millions of missing personal and banking records because security passwords may have been sent with the two CDs lost in the post.
Shawn Williams, who deals in serious fraud cases, voiced his concerns today about security procedures at the government department at the heart of the missing records scandal.
Mr Williams is a partner in Rose, Williams and Partners, of Waterloo Road, a legal firm which specialises in serious fraud cases and regularly defends clients against prosecutions brought by HM Revenue and Customs.
He has contacted the Tory Party urging them to press the Government to answer “the fundamental question” about the two CDs sent by internal HMRC post. Gordon Brown and Chancellor Alistair Darling have told the Commons that the CDs containing the personal and banking details of 25 million people were protected by passwords.But Mr Williams said in a letter to Tory MP Daniel Kawczynski that experience from his firms dealings with HMRC Prosecutions was that disks containing confidential data were dispatched in the same package as the access password.
“It is our strongest suspicion that the disks forwarded to the National Audit Office will have been packaged together with the necessary instructions to enable the recipient to access the data,” he said. “If so then reassurances from the Chancellor and the Chief Secretary to the Treasury that the data has password or other encryption protection become meaningless.
“The horror is that all the data will be effortlessly accessible to any fraudster with only the most modest of information technology comprehension.”
Mr Williams said the general level of IT comprehension within HMRC had long been an issue with many who were involved in the area.
The solicitor said today: “We have still not had the answer to the fundamental question as to whether the passwords were sent with the lost package or whether some other security system was in place. “If the password arrived in the same package and given the sensitive nature of this material, it would take the revelations on to a new level.” Mr Williams said he believed HMRC was under-resourced and that he was “reasonably confident” that the merger between the Inland Revenue and Customs & Excise had something to do with it.
“I am also reasonably confident that the HMRC is staffed by professional, dedicated, diligent workers. It’s not fair on these people,” he added.
Mr Kawczynski said that he had passed on Mr Williams’s letter to David Cameron.
“We shall continue to challenge the Prime Minister and the Chancellor over the next few days to see how they could have got us into this terrible mess.”
5 Comments
Its my guess that the ‘junior’ also used winzip and probably a password of 4 characters! Idiots.
OK, so the information on the disks is protected by passwords. But he didn’t say that the passwords have not sent with them. That that would have been a really fatal mistake so it’s highly likely this outfit would do it.
“Lost in the Post” which implies the Royal Mail. It wasn’t them; it was TNT.
To be honest, it makes no difference whether the CD’s were password protected or not. Passwords are fairly easy to crack nowadays.
It’s just one mess after another with this government - I wonder what it’ll be next week?
I cant believe it took them a month from posting to realise it had not reached its destination or that a junior could be in charge of posting such delicate information and given that they failed to follow security protocol wouldn’t be surprised in him sending the password in the same package.
Its disgusting the child benefit department haven’t sent out letters as yet but do i really want their lame apology?
With the details that are available the possible uses of that data are huge and may not be recognised 4 years 2 come. Obtaining birth certificates given that they contain my child’s details what with all the illegal immigrants here obtaining, passports opening bank accounts and much more, a half intelligent fool could find a lot of use 4 the data.
They have seriously cocked this up and have a long way 2 go in rectifying this mess. Last night i spoke with the help line 2 be told there is nothing 2 believe that its in the wrong hands, but as they foot know where it is there is nothing to believe that it has not.