Bl**dy hell - the government have lost our personal info

[Roskva]

or at least, that of those of us claiming child benefit.

So what is going to stop other people applying for loans, credit cards etc in our names?

er, lack of ID?

I don't think this is going to be all that bad, because banks will be on the lookout for people trying to use information as ID (which you can do in some circumstances now).

But it is ridiculous that security procedures can be so easily breached. what does that say about the security of the new NHS "spine"?

Well, with name, address, date of birth and national insurance number (which are all in the CB records), that's more than enough to apply for a duplicate driving licence or passport...

no it isn't. for a duplicate passport you need a birth certificate and countersignature. I'm pretty sure it's not enough for a duplicate driving license either,and if it is currently enough, they'll have to start cross checking signatures at the DVLA (which they should do anyway). They also didn't lose DOB info as far as I know.

I'm not convinced anyone actually checks the counter-signatures, and I'm sure a fraudster could find a corrupt solicitor/local dignitary/teacher/whoever or simply fake the signature of a real one. As a solicitor (even a non-practising one) I've counter-signed a number of applications for driving licences, passports, liquor licences and even a firearms licence. I've never been contacted in relation with a single application. I assume they checked my name is on the Roll of Solicitors, but I doubt anyone bothers. As I recall, the parent's dob is asked for on the CB form. It wouldn't be that difficult for someone to find out pretending to research their family tree or something.

YOu can certainly get a duplicate birth cert with that info, and then driving licence etc. etc.

And they wonder why people are suspicious of ID cards...

And given how lackidaisical banks are wrt fraud against ordinary customers, I doubt very much they are on the look out for anything dodgy as a result of this massive cock-up.

I'm not convinced about identity fraud being widespread

Where is the evidence please so I can be proved wrong

Edam - have you tried to get a copy birth certificate lately? DOB and name is not enough: you need both parents' names and place of birth, and even then you have to sign things and put it in writing.

I know that some fraudsters can currently get away with things with the info that's been stolen, but they can only do it if someone somewhere along the line doesn't do their job properly, and for the foreseeable future at least, i think everyone in the banking/registry/passports game is going to be doing their jobs properly. In fact in the long run this lost data may be a good thing as it will make it harder for people to steal identities with data alone.

MP: identity theft is not widespread as such, but it does happen.

The numpty who sent all the data by non registered post! His/her head will be rolling and they will never get another job - plonker! How basic is that and why was a 'junior' member allowed/asked to do that in the first place FGS! You shred all your data, get internet protection, wear a condom and now this!

It's surprising the number of people who don't do their jobs properly, and lets face it, checking things is pretty tedious. When I applied for dd's passport, the supporting documents including her long form birth certificate (the one with parents' names and place of birth on it) was sent back to a wrong address (fortunately the lady up the road is honest and brought the unopened envelope round). I rang the passport office to tell them they had got the address wrong, and they then told me that the passport had been sent to the same address as the docs. They rang me back half an hour later to confirm it was their mistake. The next day, my friendly neighbour duly delivered an envelope containing the passport.

When I applied for EU health cards for me and dh, they didn't turn up for ages. I rang to find out how long it is supposed to take, and was told they had been sent out weeks ago, and that they would send me duplicates. No mention of what they would do about the 2 missing cards.

So I don't trust any government department to have actually trained their staff properly in data protection issues. Which bugs me no end, as in the days when I was a practising solicitor, I spent a lot of time advising on data protection. And now as an employer, I would be taken to the cleaners if I was so careless with my employees' personal information.

There is no numpty. At least, not a junior one. The discs were sent by internal mail. Which, these days, has been contracted out, of course. To TNT.

Makes you wonder how much sensitive info is being sent via TNT between government departments...

My mother, an ex-Whitehall civil servant, says this would have never happened in the days when they had their own messengers.

Can I just point out that we can soon expect there to be masses more extremely senstive information, certainly enough to steal your identity, all neatly and conveniently gathered together in one database, the National Identity Register? When this happens and when, inevitably, there is a security breach (even a little one), the consequences for those whose information is "mislaid" will be catclysmic.

Of course it's unthinkable that such sensitive info would be mishandled. The government would never be so careless with our personal information, would it? Ooops!

And let's not forget the NHS national electronic medical record. Very sensitive information, now available on a screen in a hospital near you for any passer by to see (docs/nurses are supposed to use a key card to access the data but it's a faff putting it in each time so they just leave one card in all day...).

It's interesting that they guard their own info much more closely. A friend of mine who used be employed in payroll by a quango had to sign the official secrets act. Shouldn't the same degree of respect be shown to our private info?

edam: it is the medical records that I'm now worried about. In fact I wouldn't be at all surprised if this whole thing was a setup by some campaigners against it - I don't remember many things going missing in the internal mail when I worked for big companies. if so, a very good point they've made too, but the tories just keep going on about ID cards (why? you can't fake biometric stuff so actually id cards wouldn't really be affected by this kind of thing).

...and yes, contracting out the internal mail of departments dealing in sesnitive data is ludicrous.

I remeber they wanted to contract out the mailroom of the DSS a few years ago, but there was a big hoo ha, partly because the private bidders were subject to fewer security restrictions than was the internal team. did they do it in the end?

You can opt out of having your medical data uploaded. My GP ain't happy about how secure it's going to be and has info in the surgery.

The Big Opt Out

I probably will opt out actually, but I still don't like the fact that I have to actively do something about it iyswim.

If anyone is interested, there is a petition going on here. petitions.pm.gov.uk/Datahandling/