Government Databases and You or How I Learned to Stop Worrying and Love Information Loss. By Patrick Fahey Mis 304

What happens when governments transfer data? HMRC(HM Revenue and Customs) lost 25 million individuals' data The data included information all families in the UK with children under the age of 16 Two disks were being transferred between branches of the government The information was being sent to the National Audit Office  This was to check for benefits fraud

The database Key identifier is the National Insurance Number Other information included  All family members names living in the same house Partners included  Dates of birth  Addresses  Employment information  Bank account information for head of household The disks were password protected, but not encrypted

The Black market for your information Bank account numbers=$30 to $400 Credit cards=$.50 to $5 15 million bank accounts were tied to the information that was lost The two missing computer discs could be worth up to £1.5bn to criminals.

Government Reaction Government only announced problem after a month of the data missing Set up hotline for fraud awareness/prevention  Which told people to check their bank accounts Sent out letters of assurance HMRC chancellor resigns

Two years on The government still loses one PC a week to theft  The discs have still no been found Procedures aren't being followed  After the first disks were lost, a second set was posted off. In breach of procedures. Data can still be directly downloaded from computers with sensitive information There are no controls on removable storage devices

Changes need to be made Removable devices need to be disabled Government agencies need to be hooked up to a secure network Encryption Access to large databases of information needs to be protected both online and in person Separate databases for names and financial data Don’t transfer computer information by MAIL!!!