Filed under: Civil Liberties, Crime, Economy, European Union, Family, FreeBritain, Health, Laws & Regulations, News, Police State, Politics, Privacy
Source: Daily Mail
Ministers have been forced to order an emergency shutdown of a key Government computer system to protect millions of people’s private details.
The action was taken after a memory stick was found in a pub car park containing confidential passcodes to the online Government Gateway system, which covers everything from tax returns to parking tickets.
An urgent investigation is now under way into how the stick, belonging to the company which runs the flagship system, came to be lost.
Why the fuck was it on a stick in the first place? What is it with these monkeys?
The Department for Work and Pensions insisted that the system’s security has not been breached, but a computer expert told The Mail on Sunday that in the wrong hands the data on the memory stick could enable hackers to access personal details of the 12million people who have registered on the system, including their passwords.
If this memory stick has all the required log-in details, how would the bloated quango be able to tell if fraudulent access was made to the site?
Users trying to log on to the site yesterday were met by the message: ‘The Government Gateway is temporarily offline. We apologise for any inconvenience. Normal service will be resumed as soon as possible.’
The Government also closed down access to self-assessment tax applications via the Revenue and Customs website.
For the past six years, the £18million Gateway system has enabled members of the public and businesses to gain access to hundreds of services from 50 Whitehall departments, including self-assessment tax returns, VAT returns, pension entitlements and child benefit.
This year alone, 1.8million people have submitted their tax returns on the system.
Members of the public registering for the service have to provide their personal details, which can include names, addresses, wages, National Insurance numbers and credit card details.
So your friendly neighbour data gestapo can lose it. As the saying goes, the only person you can truly trust with such powerful data is yourself, this is one of the main reasons the state shouldn’t have it. Ever. No matter what. It is none of their fucking business. They couldn’t organise a piss up in a brewery, unless of course, that would entail pissing taxpayers money up the wall.
The lost memory stick was found two weeks ago outside a Brewers Fayre chain pub in Cannock, Staffordshire, but the Department of Work and Pensions, which owns the Government Gateway, was made aware of its loss only last week when the 2in device was passed to this newspaper.
An expert who examined it for The Mail on Sunday said it contained confidential passwords, security software and the technical blueprint to the system known as the ‘source code’. The memory stick is now in the hands of the police.
This is how this went down. The company the government gave the contract to (probably with a few back-handers) lost this stick and either didn’t even realise it was gone, or didn’t care to tell the government about it. I don’t know which option is worse. By the way, note how the state didn’t ask you your opinion on who such deals should be given out to, or even if you want your life data collected in one (mis)place.
Concerns have been raised before about the concentration of personal information on the system, but Ministers have repeatedly assured taxpayers that the system was secure.
When The Mail on Sunday told the Department of Work and Pensions that the memory stick had been left outside The Orbital pub in Cannock, a spokesman said they were taking the matter ‘very seriously’.
Bullshit. I’m starting to think these data ‘lapses’ are part of some social engineering thing. Condition the public to believe that personal data in its current form is ‘unreliable’. Would be much safer with ID cards and microchips in your arm!
He added: ‘We have launched an immediate and urgent investigation into this. We are going to assess what needs to be done and senior people are involved. The implications are obvious.’
Yesterday, after the service had been shut down, the department added: ‘We have moved immediately to make sure there is no conceivable risk to users of the Government Gateway.
‘We are convinced the integrity of the Government Gateway has not been compromised and there is no risk to users.’
Blah blah. These are the same scumbags who believe in the integrity of a database state.
The breach is just the latest in a long line of scandals involving lost Government data.
This week the Information Commissioner revealed that the number of data breaches – including lost laptops and memory sticks containing sensitive personal records – had risen to 277 since the loss of 25million child benefit records was disclosed nearly a year ago.
In ONE year.
The memory stick was lost by Daniel Harrington, 29, an IT analyst at computer management firm Atos Origin.
The multinational company, which boasts an annual turnover of £4billion, won the five-year £46.7million contract to manage the Government Gateway in 2006.
And why did he have all this data on a usb stick? If he works in the IT business he should know better. I smell a rat.
Computer security expert Jacques Erasmus, from internet protection firm Prevx, said that the passwords and security software saved on the memory stick would provide access into a series of databases or payment systems. But he added that the greatest concern was the source code.
Mr Erasmus, who has previously worked with Government agencies, said that the blueprint to the Government Gateway was ‘invaluable’ for those who would want to harvest personal details or defraud the Government.
So not only did it contain 12million records, it contained the source code for the website. I don’t fucking believe it. It can’t get worse, can it?
He said: ‘We have to hope that there are not more of these out there. This is potentially the most serious data loss this country has seen in recent times.
‘Not only would a fraudster be able to take personal details using the tools provided on the lost memory stick, but the extent of the information contained in the source code would allow a hacker to access the Government Gateway’s payment systems and even divert tax money into private bank accounts.
‘It is unbelievable, incredible. In previous data loss cases it was all clear-cut. The Government could see exactly what was lost and could combat it. They could cancel cards, make the people involved aware of the threat.’
As well as the system blueprint, other files on the stick included samples of personal information. One document held the names, addresses, wages, individual tax liabilities and National Insurance numbers of a group of taxpayers.
I guess it can get worse.
A spokesman for the Department for Work and Pensions insisted that the security software and passwords on the memory stick had been protected so that a stranger would not be able to access the Government Gateway easily.
She said: ‘Passwords are hidden using an industry standard technique which is difficult to break. We believe the risk of someone accessing personal data in this way is extremely low.’
She added that the source code was old, that the step-by-step guide to the system provided in a text file was a ‘low risk’, and that other items on the memory stick provided only a ‘rudimentary guide’ to the system.
She also said that it would be ‘impossible to intercept details of transactions’ and divert money to another account.
Note how these self-serving scum always err on the side of optimism when it comes to their fuck-ups, but are always too quick to attack the average British persons freedom or desire to be independent of the state. In a situation such as this, only an ignorant jobsworth who assume everything will be hunky dory.
However, Mr Erasmus said the source code was only a few months old and that the password encryption would be ‘relatively easy’ to crack, given the information on the device.
He said: ‘I could decrypt those passwords to log in to the system and roam around the network. As we can see from the data on the USB stick, the systems contain highly sensitive personal information.
‘If you can crack those encrypted passwords, and it would just be a matter of time, you could potentially access those 12million accounts and those details.
‘There is even a map on the memory stick of how the whole thing works, to help an attacker.’
Shami Chakrabarti, director of Liberty, said the civil rights group had conducted an audit which showed that the Government had lost 30million pieces of data in the past year.
‘That’s one data bungle for every two people in the country,’ she said. ‘Still they plough on with their Big Brother ambitions; ID cards and the scary central communications database: disasters waiting to happen at our expense.’
Lib Dem MP Norman Baker said the Government were asking for data from taxpayers that they could not protect.
‘The Government cannot be trusted with all this information but they collect more and more,’ he said.
Because they are rushing into a totalitarian system, complete and utter dystopian control. A state-of-the-art panopticon, to watch and control us serfs. Just read this to get a small glimpse of the kind of fascist police state these globalist EU-scum are building.
‘I would have thought the basic security step would be to ensure that memory sticks with all this information on simply don’t exist.’
Yesterday morning, the finder of the memory stick was asked to deposit the device at his local police station. And seven pages of printouts were handed over to a civil servant seconded to collect the documents.
An Atos Origin spokesman said: ‘Atos Origin can confirm that a single memory stick has been misplaced by one of its employees.
‘The company takes the loss of this device very seriously and we are currently carrying out a full investigation of both the circumstances surrounding its loss and the data content of the stick.
‘It is clear that the employee removed the device from company premises in direct breach of our own operating procedure.
‘Atos Origin is working very closely with the Government and the police. The company takes full responsibility for this loss and will discipline the individual involved.
‘It is inappropriate for us to comment further at this stage.’
As the mantra goes, security is only as strong as its weakest link, and you can bet your remaining pennies that this government and its sub-contractors have a shit load of weak links.
In a free society, peoples individual data should be kept away from the slimy fingers of the state. It is your property, it belongs to you, like your DNA, and your fingerprints. Any coercion on the part of the state in an act of oppression and a gross violation of individual liberty.
And I am all for individual freedom.
1 Comment so far
Leave a comment