During over 50years in accountancy I have spent almost as much time in the public services as in industry. Whithout fail I have been horrified by the lack of any form of effective expertise or management ability, whichever branch of the service I was in. It is not enough for the head of these departments to resign. A wholesale clear out of incompetent staff at all levels, and a properly managed transformation of procedures is required.

But! ( a word of caution) Don't hold your breath. There are so many of them with vested interests in maintaining the status quo, that any attempt to improve matters will be frustrated at all turns.

Bill, Northampton,

Having a minister resign will not address the culture of incompetence within particular agencies and departments of the public sector. Well done to the Head of HMR&C for resigning, but can we be reassured that the individuals - junior managers, etc - responsible for the perpetration of the incident(s) will be sacked?

Wheeler, LONDON, UK

While in no way wanting to defend TNT, the fact remains that the discs were sent via the most basic, unsecured service they offer. To entrust a parcel of this value and importance to a courier without setting it up via a proper consignment protocol with a tracking number attached is in my mind disgraceful.
The good news is of course that "lessons will be learned". It does occur to me however to wonder how many more "lessons will be learned" by this joke of a government before someone is actually fired.

Steve, London, UK

This is a good demonstration of how bloated and incompetent this government is. If they attempt to bring in idendity cards I predict civil disobedience on an unprcedented scale, and rightly so since the scheme will inevitably be another multi-billion pound failure.

D. Atara, Georgetown, Guyana

Advice from banks is to shred bank statements, not leave them in the garbage to prevent identity fraud. How then, does the government manage to say there is very little risk of fraud being perpetrated using full bank details, names addresses and national insurance numbers they have lost?

the real Peter, London (or at least I was yesterday - thanks to government incompetence, anyone could be me by now!)

Peter, London,

Just for info. I don't think he means 'post' as in Royal Mail! In Government HQs mail goes by internal post inside envelopes which then go inside what are called 'grids' on which the name & code number of the gov building is written with priority markings (things like 'commercial in confidence') & stickers that close the top of the grid. This system operates effectively up to a point because on the front a grid are the addresses of all the previous places that particular grid has been delivered to, so quite often a grid might be delivered back to a previous receipient by mistake! So this one's probably in Truro local benefit's office! Hence the remark that it might still be 'on gov property'! Get it?!

Sarah N, Leeds, UK

Why was the data to be 'sent' anywhere? Would a bank allow auditors to take the money off site to be counted? When financially sensitive data is treated as the potential equivalent of money, this sort of problem can be addressed. Sadly, this governments (and, I suspect, any subsequent ones) see all data as a PR tool

TC, Cambrdge, UK

I believe "Not fit for purpose" is the correct description again

John Thorpe, Milan, Italy

4 words. "Vote of no confidence."

Hamilton Grayton, Cambridge, UK

Why is there no policy at HMRC that all sensitive materials go by courier and are tracked. what is so difficult about that. We don't need new laws, just a common sense attitude toward operating procedures at HMRC. Inexcusable. If I am defrauded because of this I will be suing the government.

CA, Manchester, UK

Brown and Darling do not understand the basics of data protection, and show this quite clearly when they claim that the HMRC system for data protection is not at fault.

A system can only be considered to be without fault when it has been designed in such a way that its rules cannot be flouted. Without this effort, the rules in and of themselves provide no guarantees at all.

The processes and protocols for data protection should include safeguards against breaches of security; the junior should not have been able to port the data to CD; the junior's access to the data should have been strictly limited by group policy and by access auditing; any access to the data by the junior should have been signed off by a senior official...computer security 101.

For any government official to state that this is not a systemic failure clearly demonstrates that they do not grasp these fundementals, and further shows that they cannot be trusted to safely operate a national identity scheme.

hamps, Hampshire, UK

And they want all our data on ID cards too!!!!!

J Bond, Hong Kong, China

Shocking failure without a doubt.But why is it the govs fault?.
Are,nt the Revenue civil servants.Im no supporter of Labour
but i cannot stand the speculation and the stories in the press.
Has some crazy fraudster got the discs???or are they down the back of someones desk??..Lets wait and see,this headline making panic is nothing short of "worse case" for
the sake of a headline

J.h London, london, GB

sadly the uk has had it.

Roger Jones, kettering,

I've lost faith in this country.

Dave, Accrington,

"... Gordon Brown reiterated his Chancellor’s argument that there was nothing wrong with the HM Revenue & Customs's system to protect private information. He claimed that instead it was a case of the existing procedures not being properly followed."

This statement shows a complete lack of understanding of systems, especially security systems. If there is a possibility of people failing to follow procedures and that failure is not discovered for many months (March to August/September as I understand it, in this case) then the 'system' is not strong enough.

Hence it IS the HMRC system that is at primarily at fault, not the failure to follow it.

Brown's evidence of such an abject failure of understanding and the government, such an abject failure of a basic tenet of the system, illustrates that they can never be trusted with our personal data.

NO ID CARDS!!

Edwin Thornber, Bucharest,

There is clear systematic failure in the security procedures if a junior official has access to this information. Nobody should be in a position able to copy the whole database to a CD. What is preventing one corrupt worker from copying the whole database and quietly selling it to anyone who wants to buy it

This level of incompetence and ignorance really scares me, espcially when the ministers insist that the procedures were not to blame.

Jani Peltonen, London,

Government of talents indeed...

Marco, Venice,

"'Gordon Brown reiterated his Chancellor’s argument that there was nothing wrong with the HM Revenue & Customs's system to protect private information. He claimed that instead it was a case of the existing procedures not being properly followed. "

Crash Gordon's really done it this time and is compounding the problem by making idiotic statements . So low status employee can access all this sensitive data, download it to a disc and pop it in the post? This is the foolproof procedure! Maybe banks should give the combinations of their vaults to the cleaners, just in case they need to dust in there. What, the cleaners left the vault open, but they had clear instructions to lock up after themselves. A pathetic procedure devised by incompetent fools.

Graham, Oxford, UK

This has nothing to do with asylum seekers. Maybe if the idiots who keep voting these morons in could look past asylum seekers as the cause of all the problems in the U.K. this sort of breach would not be allowed to happen. When they are introducing ID cards and spending 3 billion on that project will you still support the scheme due to your fear of asylum seekers.

England is not going to the dogs because of the new arrivals, its the old residents that are bringing the place down.

Anthony, P.O.S., Trinidad

In these dysfunctional muppetts hands our details would be safer in the hands of a trained chimp.
This catastrophic error is not happening for the first time it is as repetitious as the government's "Lessons will be learned"
stock answer to incompetence which is fast becoming a new labour cathcphrase.

Philip, Ipswich,

The loss of so many peoples personal information is I believe one of the biggest threats to the economy ever.

Our modern economy is now more than ever reliant upon peoples ability to borrow easily. Credit crunch aside! I'm fairly sure that it will not have too much of an effect on mortgages but the real effect is far worse.

The main problem is that the people affected are the very age group who need credit for small loans or to buy a sofa, car etc. What happens if this group is suddenly not able to gain easy access to such 'normal' loan facilities? Apart from buy furniture from charity shops etc! Thrift would be forced upon this group which in the long term would be excellent news for the economy. SHort term though the economy would have difficulty adapting to this new world of no credit. A short sharp shock from this now demographic time bomb.

If half the population are afflicted with a life time of fraudulent attempts against them and thus constant bad or poor credit ratings then we are in far worse trouble than the Government has so far admitted to.

Some of you may say that it will easily be sorted out by the credit reference agencies etc. I say not. One story I read recently about a lady who went to buy a car in America. Well apparently she was dead and so unable to buy the car. A bank clerk had made an error so she wrote and they amended the error. A year later she tried for something else but she still came up as dead. The bank had not alerted the credit agency etc etc. It happens all the time apparently but takes forever to sort out. Even over here you have to write to the credit agencies and any bad item is not removed but a note is appended. However it may affect the interest rate you pay. You just never really know.

It was only as I read more of this story that I found out that 25m signatures had also been stolen. Imagine that!

The banks are advising everyone to monitor their accounts. Well they would wouldn't they? I mean imagine trying to change 25m bank accounts overnight! Well change banks is the only safe way out of this. Its no use changing the account number as your sort code will remain the same. Also fraudsters know enough about you to tease out the new account number.

The only safe way is to have a new bank account in a new bank then transfer all your DD's without your old bank being involved. You want absolutely no paper link to your old account. WHen set up you should take the cash out of the old account to close it then physically take the cash to your new bank.

The other important action to take is to change your signature. Any loans taken out in your name and old signature will then be easier to trace or at least not trace to yourself.

If people just let it lie then for the rest of their lives they are at risk of identity theft. If 25m people suffer identity theft then our entire economy will be forced to change as credit reference agencies the very cornerstone of the current economy will be totally unreliable.

Maybe it will be harder to gain a mortgage after all?

Paul Lavin, York, uk

Darling has been in his position for how long? He is not responsible for the procedures that failed. Who was his predecessor? There isn't a word in the English language that can describe how incompetent Gordon is. I will NEVER, EVER vote Labour again.

Andrew Doyle, Manchester,

As a Belgian citizen living in/on/soon off I suppose, Albion, I am stunned by the general backwardness of 'official' systems on this godforsaken blundering island. A few years behind the rest of 'Europe' springs to mind.No ID cards,police without guns, condoning jaywalking you name it.....so weird.....
The Brits call it privacy, I call it plain stupidity.
The complete government should resign over this.
Still it is a beautiful country; 32 years ago I fell in love with the 'Englishman' although he came to my country for 20 years (2 sons later) we are all here now.
By the way the child allowance is half of what I would get in Belgium.
annemie price, great malvern

am price, great malvern,

You do realise this is the first time, insofar as I can tell, that a copy of a British government database has been lost. This administration must take credit for the many government databases that may have been copied successfully over the past 10 years, none of which, I hasten to add, have ever been reported as missing.
Secondly, it demonstrates this government's commitment to obtaining the best value on behalf of hard working families and taxpayers. Prior to 1997, data was habitually lost via missing laptop computers, at a cost to the taxpayer of hundreds or even thousands of pounds each. New Labour should be proud of its achievement in reducing these costs to the few pence charged for a couple of CDs.

jasper, chelmsford,

Lets' just hope that the blame, for the catastrophic failure that is blatantly evident, is not assigned to the 'junior' member of staff. Somebody, more senior, asked him/her to perform that task! Here we are in the 21Century; we have technology designed specifically to perform this type of activity. I am sure that if the government had even one jot of respect, for the public, it would have ensured our data would have been handled correctly. It beggars belief! *sigh*
and also *hangs head in dismay*

Stewart McGarrie, Leigh, Lancs

What is the point of burning a cd with a database that changes every single day? It will never be updated again..... so, somebody sold all that information.... for sure.... (Always expect the worst)

angel, bath, UK

It’s not a question of blaming Mr Darling for putting the discs into the mail- that’s clearly not the issue. The problem is one of attitude after 10 years in which the public sector has moved from servant of the citizen to master. With a huge increase in both numbers and pay the sector now treats citizens (whose role is increasingly to do the bidding of officials - from tax man to doctor to armchair general to plastic policeman to bin man, without question) with undisguised contempt; a ‘who cares’ attitude; a threat to ‘report and get their own back’ on anyone who objects to arrogant impertinence; and a total lack of accountability – all imposed and encouraged by Labour hacks. That attitude problem has resulted in the shambles the Brown brigade has caused across the entire spectrum of public affairs. That’s the issue –Labour continues to abuse the people as part of their dash for an all encompassing state under the thumb of a supreme leader.

Doug, Glasgow,

Darling said this morning on the Today programme that the CDs were not encrypted, did have a password and also had "something else" which he said he couldn't talk about, but that would render the data impossible to read.

So, Mr Darling:

1. tell us of this amazing non-encryption "something else" that is on the CDs, as everyone I have spoken to in IT has never heard of it so you must share your discovery with us.

2. If this "something else" means the data CANNOT BE SEEN - your words this morning - then surely nobody has anything at all to be worried about, no steps need to be taken whatsoever.

Yes?

Laura Roberts, London, UK

Yesterday I wondered exactly what Mr.Gray "stepping down" meant.Had he been sacked or just moved sideways and would he be offered a "package" ,to go quietly .

Tonight we hear on tv news that he is still on full pay until an early retirement "deal" is agreed .The proverbial "package",so beloved of our public sector but financed by all the rest of us.

How long will it be before he pops up again as an Executive Director of a PLC ,or an official in Brussels,still drawing his taxpayer financed index- linked pension?

The price of failure in NuLabour Britain.

sandy, is,

The situation in my oppinion is so serios that banks should issue all customers with new account numbers. The goverment should pay all costs involved in doing so. Brown needs to go, It is one mistake after another. Also wouldnt it have been more secure to send encripted information securly over the internet to the audit office. I would also question weather the junior official was in some way involved in the cd's going missing, were they stolen to order, And why would a junior official be in charge of such an important job in the first place. Who was in charge of his department?. Also shouldnt britain have it's own ordit office why does the details have to goto america.

Chris, Leicestershire, le192dp

Please bring back Blair that bumbled head would be better than these bubbleheads that will bankrupt this country lose its identity and give it all away to the EEC. Whatever next can these incompetent buffoons do? Or dare I even ask? A bank, our identities and _____________ fill in the next debacle word....

jdr

James, London, UK

Makes you almost miss the old days of lopping off their heads. Generally if government is any more competent we would all be in concentration camps. But to err is human; however with computers we can screw up faster and more efficiently than ever before! Pray the Lord saves us from those who rule by the might of their good intentions.
“He who rules best, rules least.” – American Colonial Rebel Thomas Jefferson

“Thoughts of an American Conservative from the Hypothalamus of Liberal Lunacy.”

Boulder Colorado, nineteen beautiful square miles surrounded by reality.

Eddy, Boulder, Colorado / USA

Until its been confirmed that it was turned over to the Russian Mafia lets not act like it has.
Arent the Revenue Civil Servants?...didnt TNT lose it?so why is it the Gov being blamed?(I am not a labour supporter )

J.h London, london, GB

Unfortunaly i am beginning to thinkthat we have the goverment we deserve. There have been numerous occasions when their honety, integrity, competancy have all been more than called into question.

Yet we voted thm in again, and we all sit here ad moan butwe do not put up a concerted front calling for them to go.

I have vote on my blog http://www.rattytattysblog.blogspot.com/
so far only14 people have visted but every singe one has voted or the overnment to go. i lso have a free downlodable poster

Lts how them hat we#ve had enough
and its time they should go.

Traceyt Dean, Crewe, Cheshire

it is the final straw. i am a socialist and have always voted labour. i have worked in the public sector for 20yrs. the truth from where i am is that it has got very much worse. my own service has been tossed and turned and received record levels of funding and still we cant deliver the results the government wants. why? because they dont know what they are doing. its time for less red tape, more pride, more security and if we have to live in a market driven materialistic state let the tories run it-they do it so much more openly........in any case its time for another change and we all know it.

ian moore, rotherham, england

It's all very sanguine to say that the banks will cover any fraudulent use, but where do the banks get their money from?
Us! If the government underwrites the banks where does the government get the money from? Us again! Heads we lose, tails we lose.

Bernard Lelliott, Worthing,

How many of this administration have held down real jobs, been responsible for the efficient running of a medium or a large organisation where failure is recognised and success rewarded?
This government have not yet realised that it is one thing to pass legislation and another to ensure that it is carried out effficiently. Surely by now they should have learned this basic lesson.

Ally, Motherwell, Lanarkshire

I agree with all the previous comments:
Indeed, how can G Brown make derogatory comments about the organisation and running of HMRC when he himself was nominally in charge of it for 10+ years?
How on EARTH can either G Brown or A Darling say there is no risk of fraudulent data use when 7.2 million peoples personal data has been lost?
If TNT has the sole contract for delivering internal Govt. mail, why on earth is that system not 100% secure?

Who_at_the_Internal_Audit_Office_needed_all_that_information_ and_ WHY_???

Not to mention all the delays in who told whom and when!!!

Tone Franklin, Nottingham, UK

I am more curiouse to know the contractors who handle the
work for governments,documentation&data con IT_UK ?
Cllr Ken Tiwari(Oxford UK)

Cllr Ken Tiwari, Oxford, United Kingdom

To blame this on a failure to follow procedures is like leaving a bank vault open and then relying on a procedure that no one must steal from it.

D Harrison, East Sussex,

Come on, Mr Brown, it's time you resigned.
You'll surely get a decent pension.
Get out and let us vote for a decent government.

grindlestheelder, london, england

This is not a mistake, or processes not being adhered to - far too simple an explanation. Its an absolute fundamental business failure as access control to the database appears to have been non existent.

Let the poor wee chap who copied the file keep his job, but fire the rest, including the incompetent minister who was on Newsnight last night - what a dumdum - not got an idea about data security / access control.

Freddie, Largs, Scotland

A knighthood in the making

hytron5, bishops stortford, herts

over how many years are we to be deligent and cheque that our bank accounts are not being tampered with. any smart person that has now got htese discs will probably not use them for a couple of years or more. are we supposed to check our accounts thoroughly forever.
what a bunch of morons.

surprised is nobody, london,

"Ah, but the good news is, there's still 35 million we haven't lost," come one, let's spin it and make it look positive!! Morons.

Paul Downes, Milton Keynes, Bucks

The positive in this deeply depressing news is that the government is now under intense pressure to reform Data Protection Law and this desperately needs to be done. The question isn’t so much about what information the government has on various systems but who actually has access to this information. How can we be sure that they be trusted? What safeguards will there be? How will this prevent our information from falling into the wrong hands or being abused? All of this should have been resolved at least 20 years ago when Data Protection Laws were first being introduced. If it had then maybe the government wouldn’t find itself in the position it is in now.

Jason Mead, Bristol, England

I second the call for a vote of no confidence in this shambolic governement.

"Taxation without representation is tyranny"

W Smith, Oldham,

The Government does NOT support the British Royal Mail. It supports DHL and/or TNT which are NOT British. It was TNT that lost those discs NOT Royal Mail

T Smith, Uxbridge, UK

"...it was a case of the existing procedures not being properly followed."

It's more a matter of putting blind faith in "procedures" and not anticipating that if a "procedure" is inconvenient, it *will* be ignored. Every intelligent person knows this.

The correct follow-on questions include:

Why were the procedures not properly followed?

Who wrote those procedures and who approved them?

Who hired the person who disregarded the procedures?

Who is responsible for improperly training that person?

What were the qualifications of the responsible "junior official"? The news says "IT professional" but his/her actions are not those of someone who understands the nature of their work.

Why were the IT systems not engineered to make this kind of mess impossible, instead of depending on human frailty?

The real problem is that the government has taken, in this matter as in many others, a bureaucratic approach that is fundamentally inhuman and mechanistic. Bolshevik, in a word.

RW, Victoria, BC, Canada

Does anybody know whether HMRC are liable under the Data Protection Act? Could be the mother of all class action suits.

Stuart, Sheffield, UK

Why was all the information on disc and why on earth was it being sent in the post in the first place?

SM, UK,

Interview any mid-level employee of this government department , who has several years experience in the department , and your readers would be horrified at the revelations of incompetence .
It used to be called "the broad brush"

Ben Crozier, Civitanova , Italy,

"Gordon Brown reiterated his Chancellor’s argument that there was nothing wrong with the HM Revenue & Customs's system to protect private information."

Brown and Darling must think the public are stupid. The mere fact that this data was available in such volume to a junior person who was then able to burn it to a cd is clear evidence that the systems are not secure and there is everything WRONG with them.
There is also a assumption that all civil servants are honest and treat secret information as such. Well, remember Philby, Burgess and Co, the government are naive in the extreem.

Nigel Graham-Miller, Valencia, Spain

Hi,
This shocking event and the statement by Mr. Brown “Gordon Brown says HMRC systems not to blame for loss of bank data on 25m people”. This is in deed true as captain of the ship the blame lies by him. In the midst of a financial crisis the bank could
Utilize the situation to there needs.
Dr. Terence Hale Zandvoort

Terence Hale, zandvoort, Holland

This is not a simple operational failure by an individual not following rules , it is a systemic policy and management failure of the highest order to allow access to sensitive customer data, such that an individual can download these files on to disks.
This data should be held in a secure location with restricted and properly controlled access.
What would happen if an employee were coerced or corrupted to download copies of customer data by a criminal body or for money.
Would the government know?
Indeed it begs the question how many illegal copies of sensitive data have been taken witout the government knowing.
I have heard it said that everything will be allright if the disks are recovered. This represents the type of limited thinking that got them into this mess - have they not thought that the clever criminal will copy the disks and then make them available for recovery to initiate complacency.

James, NI, UK

What a laugh this government is, laptaps and discs disappearing. David Cameron should put forward a vote of NO CONFIDENCE with this government and start to bring this government down once and for all. Are illegal immigrants reponsible for this fiasco?

P.Simspon, Leics, Leics

Well, isn't this just great. We already knew the post office has bags of unopened mail waiting to be processed; we now know HMRC has the same problem. There is no longer any guarantee of service or competence in these areas. But no doubt Alistair Darling and his colleagues have the number of a senior contact in the Revenue for any difficulties they may personally encounter. The rest of us mere citizens and tax payers are clearly entitled to no such consideration.

Given this fiasco, can we now please put the idea of ID cards and a national database back in the bin where it belongs. Preferably without all my personal details on it.

Isadora, London,

I am not too surprised, last year my passport was sent (suposedly by secure means) to the wrong address and was only delivered to me because the people at that address were honest.

C Addison, Bournemouth, Dorset

I am curious to know the identity of the official responsible for sent off the discs. How much authority did he have?
Was the person an illegal?

Ramesh, london, uk

Incredible - the incompetence of this dept. is truly stunning - Surely the Govt and its depts. / ministers have a duty of care to be absolutely certain that privileged information such as this is held securely and when transferred, is also done in a secure manner. The fact that this has NOT been the case begs the questions of: 1) Are they in breach of the data protection act? 2) Irrespective of any financial losses incurred is the govt now open to being sued for being so negligent?
If a private agency had been so lax with its security and this had happened they would be finished - no credibility, customers howling for blood.... Ah, sounds a little familiar then really!

JD, Swansea, UK

Perhaps the 'missing' discs have never existed? Some junior or senior person,it matters not, failed to create and send the discs (cheque in the post scenario) and to cover that up a second and only set was created and sent by registered post. Such cover-ups are not uncommon in all organisations.

j.a. clifford, Glasgow,

I am Stunned- which is an understatement to say the least!
How can they say 'There won't be any risk of Identifty Fraud? Vital personal details are now 'lost' and any hacker worth his/her oats will accesss the data if the discs are found

At least the Head of HMRC did the honourable thing and resigned ( a rare occurrence) - will the Politicitians be similarly responsible??

Pam Herbert, st Leonards,

Surely as important - if not more important - is that a junior official could download the entire database. What's to say that another "junior official" has not already downloaded the database to be used for his own criminal purposes. Would anybody know? A scandal! You bet.

Paul Wright, Storrington, UK

If this material was 'lost' whilst in the possession of the internal post carrier (TNT), one has to ask how many other government departments use the same carrier, and how many items are lost each year.

SPL, London,

Why on earth ultra sensitive data was sent in this way in the first place is unbelievable. Anyone who has worked in the IT industry will know that there are far safer, secure ways of transmitting sensitive data to other organisations than dumping it to CD's!!! If this method is common practice among government departments and agencies then the latest fau pa is just the tip of the iceberg and someone should be appointed to oversee procedures used by these cretins.

Oxford Don, Oxford, UK

Any bets on how long before we learn that bogus asylum seekers are involved in the loss of the nations banking details?

Colin Soames, London,

Alistair Darling has not been in office for long enough to have had much effect on the detailed behaviour of individual Revenue staff members.

However, there is another politician who ran the Treasury for ten years. This person had plenty of time to mould the Revenue as he wished to. He chose spin over substance, introduced the inefficient and unworkable tax credits system, imposed software and IT systems that have repeatedly failed, and baffled the tax collectors with incessant, irrational changes to the tax rules.

Yes, it's Mr Competent, Gordon Brown.

Frank Upton, Solihull,