You are here: silicon.com > Financial Services > News

HMRC data breach prompts password and PIN changes

But not everyone has made moves...

Tags: customers, hmrc, fraud, accounts

Printer Friendly Email Story RSS

By Tim Ferguson

Published: 29 November 2007 15:31 GMT

A week after HM Revenue & Customs (HMRC) admitted it has misplaced the personal records of an estimated 25 million people, it seems not everyone is concerned about the potential implications.

It emerged last week that HMRC has lost two password-protected CDs containing records of people receiving child benefit payments - as well as those of their children - with information such as names, addresses and bank details.

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

And despite the increased fears around identity fraud, around 30 per cent of adults who receive child benefit payments have yet to take any action, according to a YouGov survey of 435 adults.

But the UK payments association, Apacs, is encouraged as 62 per cent of those surveyed have checked their bank statements for any unusual transactions.

Some have gone even further, with 10 per cent of those surveyed changing their bank account password and six per cent changing their PIN.

Sandra Quinn, Apacs director of communications, said the survey indicates banks' customers haven't panicked and the majority are following the advice issued.

She added that customers need do no more than be extra vigilant - and carry out simple security checks they should be doing anyway - as there is no evidence the information has fallen into the wrong hands.

The banking industry has said the account details contained in the HMRC records would not be enough for fraudsters to access bank accounts, as additional security information is always required.

But customers using their child's name or date of birth as a password - information which is contained in the lost records - are advised to think strongly about changing them.

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
Reader Comments

Changed their PIN ??? Is there something the go...
Graham Coles

re- changed their pin presumably because they p...
Karen Challinor

Click here to see all

Related Links

Minister calls for ID cards review

HMRC's missing discs: Just a warning shot

HMRC email rejected filtering of sensitive data

HMRC data blunder to sink ID cards?

Cheat Sheet: Encryption

Lost Revenue CDs 'worth £1.5bn to criminals'

Can biometrics secure the public's data?

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

silicon.com Financial Services
Get the latest financial services news straight to your inbox. Sign up for the FS newsletter today!

Contactless payments speeds up coffee drinkers

Privacy chief fights UK-wide database

City slickers addicted to email

London data centres hit by credit crunch

Techies kept awake at night

Nationwide hands network reins to BT

How outsourcing saved Zurich's IT

Betfair betting engine goes supersonic

Lloyds TSB banks on SAP SRM

DFS reupholsters its financial system

Deutsche Bank looks to Russia for 'Six Degrees' of CRM

New Star beefs up disaster recovery


  • Jobs
Marketing Director West Midlands 50-75K+ Benefits

Must have a basic understanding of the mechanics, and a good understanding of the application, of the following statistical techniques: o ...

SAP HCM Business Development Executive (Europe)

All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, ...

Implementation Engineer - Unix / Servers - London

Resolve queries from engineering staff within the organisation to enable them to complete tasks -For operational reasons, record and maintain all ...

Steve Boyle
Woolly risk analysis is hastening a housing crash
Comment: Lenders need a sane approach to avert a crisis

Carol Wheatcroft
Will consumers always want free banking?
Targeted, bundled services will be the way to profit...

Steve Boyle
Are rogue traders an inevitable evil?
Opinion: Managers must increase diligence to beat fraud

Julian Goldsmith
Profile: Nottingham Building Society head of IT Jack Cutts
'On the wide accountancy'...

Steve Boyle
Why you should be outsourcing your data centres
Concentrate on the core business...

Bob McDowall
Fixed-income electronic trading faces bleak 2008
Trading platforms likely to draw in their horns for downturn

CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.

Stories from the web...


Green Data Center Storage Part II: Sustained Cost Effectiveness in Transitioning...

Oracle 10g R2 RAC Implementation With SLES 10 Linux, IBM BladeCenter and IBM TotalStorage

Distributed and Parallel Database Systems

Migrating From Domino to Exchange 2007 (Part 4)



Quick Sitemap Links: