Advertisement
Promo

Security threats Toolkit

Lost Standard Life CD was unencrypted

Tom Espiner ZDNet.co.uk

Published: 06 Nov 2007 12:03 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A lost compact disc containing the personal pension details of 15,000 people was not encrypted.

The CD was lost in transit between HM Revenue and Customs Service and financial services company Standard Life, and was unencrypted, HMRC revealed on Monday.

"HMRC take the security of customer information very seriously. The data, which contained the records of around 15,000 people, was lost in transit by HMRC's external courier," said an HMRC statement. "Customers have been written to and precautionary measures have been put in place to check customers' records for any fraudulent activity. We have also reviewed our arrangements and introduced safeguards to prevent this happening in future."

One form of pension payment is an Age Related Rebate (ARR). Funds are paid into the accounts of individuals' pension providers by HMRC electronically, depending on the level of the National Insurance contributions people have made. The pension details of the individuals are then sent separately to pension providers, to enable their records to be updated.

Sentry Posts Blog

Sentry Posts Blog
Guarding the network

What you need to know — and what you and your peers have to tell us — about security management in our new community group blog

Read more +

In this instance 15,000 pension details of customers of Standard Life were sent to the pension provider by HMRC via an unnamed third-party courier, at the end of September. However, the courier lost the disc, which was not encrypted, an HMRC spokesperson told ZDNet.co.uk.

"HMRC very much regrets that this has happened and are committed to working with the institutions to ensure that those customers affected receive the advice and support they require," said the HMRC statement. "We have asked customers to remain vigilant and have set up a number of dedicated HMRC telephone hotlines."

The data contained on the disk included the surnames and initials of the individuals, as well as their National Insurance numbers, dates of birth and pension plan numbers. That the disc was not encrypted means the details can be read more easily.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
22 out of 25 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

4 comments

  1. Typo? andrewdonoghue
  2. muppets 46880
  3. Al Qaeda 182884
  4. Why CD?? derrick

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:






Related Jobs

IT Project Manager, GBP40,000 to GBP50,000 + Benefits, Peterborough

Lead Software Developer (C#.Net / JavaScript)

Senior Business Analyst

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters