Skip to content

Management

Technology

Toolbox

Training

Books

White Papers

Webcast

Resource Centre


ComputerworldUK CommunIT

Want to join the UK’s fastest growing dedicated IT community? Enter here to browse the UK’s top usergroups, societies and associations.

Public sector organisations management > government & law > news

November 02, 2008

Government Gateway shutdown in new data scandal

User names and passwords for a key government system found in pub car park

By Mike Simons, Computerworld UK


The Government Gateway has been shutdown after a memory stick containing user names and passwords for the website that gives access to everything from tax returns to parking tickets, was found in a pub car park.

Advert

Ministers ordered an emergency shutdown of the Atos Origin-run site and ordered inquiry into this latest data security debacle.

The Department for Work and Pensions said the memory stick contained user names and passwords for testing an old version of the system and may not hold details of members of the public.

"We have moved immediately to make sure there is no conceivable risk to users of the Government Gateway, and are convinced the integrity has not been compromised,” a DWP representative told the Press Association.

"On the basis of an initial examination of the contents of the memory stick, it is our experts' opinion that the contents would not allow anyone to breach the very strong security safeguards protecting the website."

However, “strong security safeguards” have, time and again, proved inadequate to the task of securing personal data in both the public and private sector.

Commenting on this latest incident, Atos Origin said that an employee had removed the memory stick from the company's premises in "direct breach" of its operating procedures.

The government’s Information Commissioner last week said 277 incidents of data breaches had been reported to his office this year.

Eighty of those breaches concerned the private sector, 75 within the NHS and other health bodies, 28 reported by central government, 26 by local authorities, and 47 by the rest of the public sector.

But Thomas also noted that the amount of data breaches that have been reported to the ICO is might "still be well short of the total".

In the past year, the ICO has taken enforcement action regarding data losses against HM Revenue & Customs, the Ministry of Defence, the Department of Health, the Foreign and Commonwealth Office, Virgin Media, Skipton Financial Services, Carphone Warehouse, TalkTalk and Orange .


Follow highlights from ComputerworldUK on Twitter
Sign up for our Daily Newsletter
The UK IT News widget Get it for your site!

« prev article | more government & law news | next article »

Advert

close

Email this article to a friend or colleague:




PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

close
  • This article is now being printed.
close

What are your views on this subject? Use the form below to post a comment on this article up to 1000 characters.


Characters remaining:

close

Click below to add 'Government Gateway shutdown in new data scandal - Public sector organisations - ComputerworldUK' to your blog.



If you do not have a ComputerworldUK Account and would like to use this feature, please Register.

If you are a registered, logged-in user, this will post the title and first paragraph of this story to your blog to share with your readers.

What is this?

Advert

WHITE PAPERS

  • Legal risks: Employee use of the internet and email
    Exploring the challenges facing IT Mangers today and vital steps to ensure safe internet an email use by employees.
  • Phishing for victims
    This White Paper examines the phenomenon of phishing. It explains the potentially catastrophic threat it presents to all kinds of organisation. Exploding some widespread myths, it lights up the murky waters where phishing first emerged and where it continues to evolve. But it also highlights what your business can do to blunt the threat.
  • Challenges and opportunities of PCI
    The control framework implicit in the Payment Card Industry Data Security Standard (PCI DSS) provides an enterprise structure for improving operational, security, and audit performance.
  • Social CRM comes of age
    Who is this “social customer”? What strategies and tools does the new breed of CRM provide to do something about this?
  • Risk Management: Protect and Maximize Stakeholder Value
    What has held organisations back from a broader adoption of risk management programs?
*