Rythie's Blog

Technology and stuff

Loss of 25m Child Benefit Records

I couldn't quite believe it when I heard that HM Revenue and Customs have 'lost' 25 million child benefit records. It does seem that the data was password protected, but that presumably means something like a zip file or MS Excel password, in which case this is akin to losing a suitcase with millions of pounds in it and then mentioning it had one of those tiny suitcase padlocks on it.

It should be clear to any organization that handles this kind of data, especially in this volume, that security is of paramount importance. Here are some of the security measures I think should have been in place and would have prevented this from happening:

  • No one should be able to download large portions of the data (say more than 1,000 records) without special procedures for data security being enforced.
  • Any data that is transferred should be encrypted with strong cryptography. The key(s) to this encryption should be sent separately to the data and only after the data is acknowledged to have arrived safely.
  • All data of this type should be sent by a secure transportation company such as Securicor.
  • If at all possible the data should never leave the secure site where it is normally resident.
  • If anyone requests data, the bare minimum that they require should be provided with no extra fields.
  • Anyone who goes anywhere near this kind of data should be given comprehensive security training.
Even if all but one of these measures were to fail, this breach would still not have happened.
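
Three of these measures (the 1,000-record limit, the bare-minimum fields, and holding back the key until arrival is acknowledged) can be enforced in software. The sketch below is an added example, not code from any real system: the purpose names, field names, sample rows and the idea of acknowledging receipt with a SHA-256 digest of the encrypted file are all assumptions, and the encryption itself is left to whatever strong tool is in use.

```python
import hashlib
import hmac

BULK_THRESHOLD = 1000  # the "say more than 1,000 records" figure from the list above

# Hypothetical allow-list: which fields each approved purpose actually needs.
ALLOWED_FIELDS = {"audit_sample": {"record_id", "claim_start", "payment_amount"}}

# Constructed sample rows; no real data.
SAMPLE = [{"record_id": i, "name": f"person-{i}", "bank_account": "00000000",
           "claim_start": "2007-01-01", "payment_amount": 18.10}
          for i in range(1500)]


class ExportDenied(Exception):
    """Raised when a request breaks the export policy."""


def export(records, purpose, requested_fields, bulk_approval=None):
    """Return only the allow-listed fields, refusing unapproved bulk exports."""
    allowed = ALLOWED_FIELDS.get(purpose)
    if allowed is None:
        raise ExportDenied(f"unknown purpose: {purpose!r}")
    extra = set(requested_fields) - allowed
    if extra:
        raise ExportDenied(f"fields not needed for {purpose}: {sorted(extra)}")
    if len(records) > BULK_THRESHOLD and not bulk_approval:
        raise ExportDenied(
            f"{len(records)} records exceeds {BULK_THRESHOLD}: special procedure required")
    # Copy only the approved fields so extra columns never leave the system.
    return [{f: r[f] for f in requested_fields} for r in records]


def release_key(key, sent_ciphertext, acknowledged_digest):
    """Release the key only if the recipient's acknowledgement carries the
    SHA-256 of exactly the encrypted file that was sent (assumed ack format)."""
    expected = hashlib.sha256(sent_ciphertext).hexdigest()
    if not hmac.compare_digest(expected, acknowledged_digest):
        raise ExportDenied("acknowledgement does not match the data sent")
    return key
```
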

The sad fact is that any security professional or group should have been able to tell them this (and a whole lot more for other scenarios), but for some reason HM Revenue and Customs didn't take this type of advice or maybe didn't implement it properly.

Before this story surfaced I had already been very skeptical of the ID cards project. It would be very hard to keep this data safe. If the data were ever lost it would be a lot more serious than what has been lost in this case, both in the number of people and the amount of data about each person. I am now even more skeptical since it seems the government can't even handle quite basic data security concepts like the ones I have outlined.