Ability Forum

[Lovingheart]

Stolen: Sensitive personal data on 30,000 disabled benefits claimants
PublicTechnology.net, Friday 18 May

This was published: 2007-05-18 08:10:00

30,000 disabled people had sensitive personal information including
bank account details stolen last September, Liberal Democrat research
has revealed.

Recipients of Independent Living Funds and civil servants working on
the scheme had personal information including their names, addresses,
National Insurance
numbers and bank account details stolen when a van was broken into
last year.

Commenting Liberal Democrat Shadow Work and Pensions Secretary, David
Laws MP said:
"This is deeply worrying for those whose personal details have been
stolen.

"This Government has an obsession with gathering ever more
information on its citizens despite its abysmal track record of
ensuring that the details it
holds are kept secure.

"This is a government which has presided over the identity theft of
13,000 Tax Credit Office employees, the leaking of 30,000 junior
doctors' police records
and sexual preferences, and now we discover that 30,000 people
claiming Independent Living Funds have had personal details stolen.

"With the increased scope for fraud from ID theft, the Government
should stop gathering in more and more data until it can safeguard
the information it
already has."

The Independent Living Fund is designed to help people if they are
disabled, to live independently at home rather than in residential
care. Payments are
made at a maximum of £455 per week and can be used to employ people
to give personal and domestic care in the home.

The information about the theft was released in response to a
Parliamentary Question from David Laws:

Mr. Laws: To ask the Secretary of State for Work and Pensions
pursuant to the answer to the hon. Member for Cotswold of 27 March
2007, Official Report,
column 1496W, on independent living funds, what action was taken as a
result of the theft; whether those whose personal data were stolen
were informed;
how many people's personal data were on the tape; whether those whose
personal data were stolen have since been victims of identity fraud;
when the theft
was discovered and how long after the theft occurred the discovery
was made; what type of personal data were stolen; and if he will make
a statement. [134150]

Mrs. McGuire: Following the incident last year, the trustees of the
ILFs' immediately instigated a full end-to-end review of IT security,
as a precautionary
measure. This review was carried out in consultation with experts in
the field of IT and data security.

All those whose personal data was contained on the stolen tape were
informed of the incident in writing. The ILFs' also set up a
telephone help line to
help customers who had additional queries.

The stolen tape contained the personal data of approximately 30,000
people, including all current customers of the ILFs', as well as ILF
staff and a number
of former customers of the funds, whose details are retained in line
with strict data retention policies.

To date, there has been no evidence to suggest that anyone has been
the victim of identity fraud as a consequence of this incident.

The theft, which involved a forced entry to a data transport and
storage contractor's van, while the tape was in transit to the ILFs'
office, occurred on
21 September 2006 and was discovered, reported to the police and
notified to the ILFs' management in less than two hours.

The exact amount of personal data stolen, varied from person to
person but the range of data included names, addresses, dates of
birth, national insurance
numbers and bank account details.

After receiving advice from a range of security professionals, the
date of this incident was not made public. There was no information
in the public domain
to link the incident to the ILFs' and to release the date of the
incident then, could have increased the risk of an attempt to access
the data on the stolen
tape.

We consider that due to the length of time since the incident, the
risk now of the data being compromised is low. Accordingly, the date
of the incident
has now been made public.

Posted by: Editor

_________________
Warmly,

Amit Bhatt
New Delhi, India
Mob: +91-9013323229
"Alone we can do so little, together we can do so much"-Helen Keller.

Stolen: Sensitive personal data on 30,000 disabled benefits claimants
PublicTechnology.net, Friday 18 May

This was published: 2007-05-18 08:10:00

30,000 disabled people had sensitive personal information including
bank account details stolen last September, Liberal Democrat research
has revealed.

Recipients of Independent Living Funds and civil servants working on
the scheme had personal information including their names, addresses,
National Insurance
numbers and bank account details stolen when a van was broken into
last year.

Commenting Liberal Democrat Shadow Work and Pensions Secretary, David
Laws MP said:
"This is deeply worrying for those whose personal details have been
stolen.

"This Government has an obsession with gathering ever more
information on its citizens despite its abysmal track record of
ensuring that the details it
holds are kept secure.

"This is a government which has presided over the identity theft of
13,000 Tax Credit Office employees, the leaking of 30,000 junior
doctors' police records
and sexual preferences, and now we discover that 30,000 people
claiming Independent Living Funds have had personal details stolen.

"With the increased scope for fraud from ID theft, the Government
should stop gathering in more and more data until it can safeguard
the information it
already has."

The Independent Living Fund is designed to help people if they are
disabled, to live independently at home rather than in residential
care. Payments are
made at a maximum of £455 per week and can be used to employ people
to give personal and domestic care in the home.

The information about the theft was released in response to a
Parliamentary Question from David Laws:

Mr. Laws: To ask the Secretary of State for Work and Pensions
pursuant to the answer to the hon. Member for Cotswold of 27 March
2007, Official Report,
column 1496W, on independent living funds, what action was taken as a
result of the theft; whether those whose personal data were stolen
were informed;
how many people's personal data were on the tape; whether those whose
personal data were stolen have since been victims of identity fraud;
when the theft
was discovered and how long after the theft occurred the discovery
was made; what type of personal data were stolen; and if he will make
a statement. [134150]

Mrs. McGuire: Following the incident last year, the trustees of the
ILFs' immediately instigated a full end-to-end review of IT security,
as a precautionary
measure. This review was carried out in consultation with experts in
the field of IT and data security.

All those whose personal data was contained on the stolen tape were
informed of the incident in writing. The ILFs' also set up a
telephone help line to
help customers who had additional queries.

The stolen tape contained the personal data of approximately 30,000
people, including all current customers of the ILFs', as well as ILF
staff and a number
of former customers of the funds, whose details are retained in line
with strict data retention policies.

To date, there has been no evidence to suggest that anyone has been
the victim of identity fraud as a consequence of this incident.

The theft, which involved a forced entry to a data transport and
storage contractor's van, while the tape was in transit to the ILFs'
office, occurred on
21 September 2006 and was discovered, reported to the police and
notified to the ILFs' management in less than two hours.

The exact amount of personal data stolen, varied from person to
person but the range of data included names, addresses, dates of
birth, national insurance
numbers and bank account details.

After receiving advice from a range of security professionals, the
date of this incident was not made public. There was no information
in the public domain
to link the incident to the ILFs' and to release the date of the
incident then, could have increased the risk of an attempt to access
the data on the stolen
tape.

We consider that due to the length of time since the incident, the
risk now of the data being compromised is low. Accordingly, the date
of the incident
has now been made public.

Posted by: Editor

_________________
Warmly,

Amit Bhatt
New Delhi, India
Mob: +91-9013323229
"Alone we can do so little, together we can do so much"-Helen Keller.

[Adverts]