British people were told yesterday that the personal data of nearly half the nation has “gone missing”. In the newly merged department of Inland Revenue and Customs, a “junior official” downloaded the personal details, including bank account data and National Insurance numbers, of 25 million people and placed all of it on two unencrypted CDs.
The official then put the CDs in an envelope and posted it. The package wasn’t even registered so couldn’t be tracked or traced. It’s now officially “lost in the post”.
Alternatively, it may have been stolen to order by organized crime. We have been told, the official is now under guard in a “safe house” to protect him or her against the media, and presumably criminals seeking “to make him an offer he can’t refuse”.
This morning there’s huge panic all over the UK as people wake to find their bank accounts and personal identities compromised in the most dangerous way possible.
Once again we see the perils of allowing a central administration to accumulate vast quantities of information through a system of universal benefits more in tune with the Soviet era than the distributed nature of data in the age of the internet.
What can you do to protect yourself against the kind of scam everyone in the UK is now worried about?
1. Check your bank and credit card statements for the next 5 to 10 years. Criminals can lie low and strike when banks get sloppy again.
2. Change your online banking password, especially if you use family data as a memorable word.
3. Look at your credit report. The information in the Child Benefit Agency records is enough for a criminal to apply for loans, credit cards and even mortgages in your name, as well as other forms of credit such as mobile telephone and catalogue accounts. Your credit report lists all your credit commitments and recent applications for credit, so you can instantly see if someone has been trying to use your ID.
Apart from that, you are at the mercy of Government officials and your bank’s security measures. Ultimately, they must take responsibility for protecting their customer’s data.
Unfortunately, British Government agencies routinely break its own Data Protection Act. The shambles goes on.