UK.gov loses 29 million personal records

Be fair chaps

Probably some of those 29 million are the same record being lost again...and again and again....

It may only be about 25 million or say two out of every five people that have had their whole life completely ruined by HMG...er that'll be more ruined than the remainder. Since this HMG has ruined pretty much the whole country and every one in it.

Mine's the one with the escape plan from this 'quasi fascist control freak state' in the pocket.

Paris - cos she has better t1ts than the one's running the UK.

That's half the people...

...in the country who have now had their details thrown to the wind by the incompetent bunch of chuffwits. I wonder if we'll see quite the same level of delinquency when it comes to counting votes in the next general election?

Still, it could be worse. That awful Clarkson fellow could be in charge for a start.

But...

How many of these have been lost by "UK Government" and how many have been lost by private companies contracted to provide services that have traditionally been done very well "in house" by actual civil servants?

What about figures about Data Misuse?

Initially, I wanted to write a little bit about how "The Party" and it's members will bullshit their way around this matter; but I decided that everyone else will cover that matter...

I'm more concerned about the type of metrics that aren't released.

Data Misuse.

Who has access?

Who's access is restricted?

Who has artificially elevated access?

How much access do the Police get?

How often do the Police abuse that access privilege?

How are local councils (mis)using accumulated data?

How many instances of CCTV misuse were there?

How many people with access to ANPR used it to track people?

How has this vast accumulation of Data stopped crime?

Just how much safer has this made us?

etc...

Losing Data is one thing - you can claim it is a one off event. You can claim that if it is misused, then that will be performed by a "criminal element", not insiders. Anyone with a rudimentary knowledge of security knows that most problems come from the inside.

The lack of encryption

in government IT continues to astound me again and again. It is genuinely not hard to implement, and considering the risks, it's easy, even, to justify some amount of funding to get it done.

Even light encryption would render most of these breaches mostly harmless, unless they fell into the hands of somebody with the right expertise and equipment.

29million incidents of incompetance with electronic Data and IT

Questions worth seeking answers to:

Has any Senior Civil Servant or MP been:

a) reprimanded,

b) sacked (without golden handshake/pension),

c) banned from being placed in a position of authority,

d) faced civil or criminal charges,

e) all of the above,

f) None of the above

...

As in most things, our wonderful government scores an F.

Imitation?

Wait a minute - adding up and re-reporting old figures as if they were a new news story? Have you guys been taking pointers from the Labour press team?

@various

@Dai - There is no excuse, GOV is responsible for the data, and they should ensure all users comply / are responsible for the safety of the data.

@DVLA & Supermarket parking tickets - shop elsewhere?

@29million incidents of incompetance with electronic Data and IT - D.O.P.E will now doubt come out with a suitable excuse

(Department Of Pathetic Excuses)

...just wait a moment

The idea that anybody, on either side of the Houses of Parliament, has the slightest idea about data handling, information security &c. is ridiculous.

All we need do is look at their sent boxes for the stuff they've mailed to themselves to read later, or the attachments they've saved. Let alone the copies with researchers, leaked to the press...

They are, after all, our peers. We do get exactly what we elected - these aren't thought leaders they're populists and to think they behave any differently to the rest of the populous when faced with hard work is to set a different standard.

We all know that the reason data is mis-handled is that nobody can be a****d to do it right. Data security used to be easier because handling it was hard work and most security consisted of the person who would do the work saying "No", or "have you got budget?".

Now it is the work of minutes to get an extract and shut the ******* up rather than have to sit through interminable meetings and email threads climbing up through the organisation.

Once upon a time, when you had to have authority / budget in order to be able to mail stuff, when creating a copy was hard then you thought about what you were doing. Not least because photocopying a 100 page document was tedious.

I spend a significant amount of time responding to security / data handling questionnaires and the you can bet I'm the only person in the process that reads the questions and my answers.

Certainly once we're operational most people's reactions are to want the data sent to them regardless because they can't get PGP approved, nor an sftp site set-up. They don't want strong password controls because they can't remember them... as for their reaction when I suggest that a mail-out might be regarded as a change of purpose...

@Bigus Dicus

I fully agree, although the problem is not wholly and solely with the respective IT departments, (all the time anyway!).

I did a stint recently with a UK government organisation overseeing a large technology deployment. One of the challenges faced was trying to get the users to adopt encryption for removable media. This problem was exacerbated by the fact that the head of HR could not see the need for encryption!!

Needless to say i was gobsmacked and even though everyone in Technology was pushing for encryption none of the users would allow it.

Talk about the tail wagging the dog.

Of course they lost it...

...this is the same government who, IIRC, released some kind of statement or had a spokesperson announce, after Hazel Blears' home computer got stolen, saying that all the confidential government data that was on the machine (and never should have been to start with, by the way) was perfectly safe, because Windows had a password on it.

Yes, the current government believes that it is impossible to crack a Windows password, despite there being hundreds of freely downloadable tools on the intarwebnets which will do just that.

If they are ignorant of that fact, which I would call pretty basic IT security knowledge, then how can they be expected to keep data safe?

Paris, because she's well aware of exactly how exploitable all of her security holes are.

Now that we all know each other ...

... surely everything's ok again? By now the personal details of EVERYONE have been released, so we can all be friends and secure in the knowledge we can go ahead and stalk the stalkers back.

Paris because she already has my personal data in her iPhone.

CAT5 got your tongue? Another day-trading loss.

Today's theme is One of Repetition and DeJahFoos. Check out the posts which got the most comments and do them again?

However in Seventh Heaven's Finest Rose Gardens, are the CAT5 dining on a well deserved Tuna fish supper dDelivered from Russia with Love, and they will not be distracted with handfuls of stale nuggets from passing strangers.

Money is what IT has been about and what the PupPeT Masters Is doing for IT?

42 Truly Entertain, does IT take Imagination to make the Servers Purr, for the CAT5 own their Masters, never the other way round -and such is their MuTuAIL Affection that this topsy turvy relationship is Tolerated and Moderated.

And Paris? -a Fine Feline in Great Cat-Calling Games.

They haven't lost them!

If you loose your keys, you don't have them anymore and can't use them. HMG still has the records and can still use them, they have just shared them with members of the public. It is reasonable that government should share information with the public. Now come on, it is unreasonable to ask which members of the public they shared them with. If they had shared them with you, would you want the whole world to know? So just rest assured that HMG does not loose things and will never tell the world about the data it has shared with you.

Never mind encryption

It's just another failure to see the wood from the trees.

Don't take the data off the premises. Ever.

Yes... Ever.

If it ever must be physically transported, then it should be treated with the importance it deserves, not stuck on a CD in an envelope and given to a courier.

But why should it?

Just...

Don't take the data off the premises. Ever.

Get it?

The government doesn't.

Re: Yet another reason against socialism...

Yeah, cos the private sector is so much better at keeping peoples details safe...

@trackSuit - Oh No Not Amanfrommars again

Just as you get into reading some interesting comments, you get an el reg bot spouting unintelligable crud

Dead vulture - What should happen to amanfrommars et al...

Response to many posts

@AC - Be fair chaps

[quote]Probably some of those 29 million are the same record being lost again...and again and again....[/quote]

May well be but, as it’s from a different department, there is, very likely to be, extra data from the records lost that will enhance better ID fraud based on all the previous data this government has decided to give away.

One might believe that this is a deliberate tactic to further the establishment of even more draconian rules that tout the necessity of an ID database so that any personal data “in the wild” can be matched against it in order to stop the terrorists playing out their destruction of the non-complicit with their view.

@Aetyr - Of course they lost it...

[quote]Yes, the current government believes that it is impossible to crack a Windows password, despite there being hundreds of freely downloadable tools on the intarwebnets which will do just that.[/quote]

Absolutely correct. And if you can't be bothered to seek the tools just boot up WinPE on a CD and the access the data without worrying about finding a password. I believe this doesn't apply to Vista though - but I will test that theory tomorrow.

@Jim - Re: Yet another reason against socialism...

[quote]Yeah, cos the private sector is so much better at keeping peoples details safe...[/quote]

The private sector may not be that much better, but as soon as a punter finds out that the company they use has screwed up they can change allegiances, within a few days. The same is not true for government - this is one of the myriad of reasons why allowing government the power over personal data is a complete nightmare and ultimately will lead to the destruction of our democracy.

I do wonder why there are so many Register news items that basically expose our current government’s “no nothing bonzo” strategy on decent IT, especially, when ultimately, it will lead to their downfall – it’s nonsensical; however, perhaps, this video (http://video.google.co.uk/videoplay?docid=3664960863576873594) may provide some kind of insight – but then again it may not. Who knows?

Also I wonder why The Register is not digging deeper; are their journalist too scared?

Not such a big deal

I don't understand why everyone seems to get so annoyed about this. I mean, I lost 35 million peoples' personal details this morning, and I only got up 10 minutes ago ...

figures show that the government "can't be trusted to protect people's personal details".

That would ring true no matter who was in government.

don't get me wrong, I'd love to see Our Dave as head honcho right now but I still wouldn't trust anyone far underneath him to do the right thing. Public sector employees don't change after an election after all.

Politicians are corrupts bastards who all need introductions to the real world or more preferably a chav tio get the right and proper deed done.

@THAD

I take it you don't work in IT then.

If you do, then I hope you don't have a site disaster, because you will lose (really lose, not 'share') all of the data that should have been backed up OFFSITE.

It's all a matter of control and process rather than location.

Get a Sthil

Some do the clamping game (I read McDonalds carparks do this), they stick the fine on then clamp, or even a tow away. Perhaps McDonalds gets a cut of the revenue, I don't know.

not with a sthil cutter, just leave the bits behind, works every time.!!

A title is required.

Normally I can fully accept that people are stupid enough to do really really stupid things.

But this is beyond stupid. This is *so* stupid that it makes me blubber at the mouth and, my subconscious creates possible scenarios with which to explain the event which dont involve everyone in all of levels of government quite seriously having special needs.

The idea that Britain is flooded with Russian spies who are exporting data as part of some plot to further destabalise our messed up society becomes *preferable* to the *slightly* more likely explanation that our country is being run by a bunch of dope-head, university drop-out scumbags high from the fumes of each others absinthe-ladenm piss.