All the latest UK technology news, reviews and analysis
|
|
|
08 Oct 2007
A laptop containing details of customers at banking institutions has been stolen after a member of HM Revenue and Customs (HMRC) left it in the boot of his car.
The computer contained records from finance houses revealing the identity of high value customers who had invested in Individual Savings Accounts, according to research by the BBC.
“We very much regret the loss of some customer data provided to us by a number of financial institutions," said a spokeswoman for HMRC.
"The incident has been reported to the police and we are carrying out an urgent internal enquiry. HMRC places the utmost importance on the security of confidential material and we have in place very clear processes governing the handling of such material.”
She explained that the laptop was password protected using a complex code and that the data was locked with high-level encryption.
"It looks like the HMRC has put in place numerous types of protection which has ensured that the data on this laptop cannot be used by fraudsters," said Philip Wicks, a security consultant at Morse.
"However, this incident once again highlights the need for organisations to think long and hard about the data they allow employees to take offsite on laptops and mobile devices.
"Organisations should have policies and procedures in place that dictate what information can and cannot be taken off the premises."
The laptop was stolen when a member of HMRC was doing a regular audit of the banks' information on 20 September. This involved checking the details of current account holder information against records.
"By taking full responsibility for this loss, HMRC is a perfect example of the rapidly changing attitude to data breach disclosure in the UK," said Jamie Cowper, director of European marketing at enterprise data protection firm PGP Corporation.
"With top-level encryption making it virtually impossible to access the data on the laptop, HMRC had no real obligation or reason to report the breach.
"As such, this voluntary disclosure shows a refreshing level of ethical responsibility and commitment to its customers."
HMRC has advised the banks to notify their customers immediately.
Latest stories from Public Sector
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Hands on with the highly anticipated Android 4.0 Ice Cream Sandwich hybrid tablet
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
An Infrastructure Technical Architect is required to...
Managed Services Process's Manager, ITIL V3 Intermediate...
My client is an excellent company within the media industry...
ASP.NET MVC, C# Developer (.NET, C#.NET, dot NET, Web...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?