Morning:
13°c
An awesome and ridiculous film that leaves you thrilled beyond the point of your natural endurance
London faces a wave of bus and Tube strikes that could cause chaos for millions of passengers as unions walkout over pay and conditions
More...
ID card fears as staff hack into Home Office database
Last updated at 09:22am on 27.08.06Office staff are hacking into the department's computers, putting at risk the privacy of 40million people in Britain.
The revelation undermines Government claims that sensitive information being collected for its controversial ID Cards scheme could not fall into criminal hands.
The security breaches occurred at the Identity and Passport Service, which is setting up the National Identity Register to provide access to individuals' health, financial and police records as part of the £8billion ID card scheme scheduled to begin in 2008.
MPs and technology experts have expressed fears that the national register, which will store sensitive details of more than 40million people, will be a honeypot for hackers and identity thieves. Liberal Democrat
Home Affairs spokesman Mark Hunter said: 'These revelations show it is folly to put all the precious personal data of our citizens in one place.'
Personal information about every British passport holder - including their date of birth, mother's maiden name, address and photographs - is already held in the IPS computers.
A Home Office spokesman last night confirmed the IPS security breaches. He also confirmed that three staff involved had been sacked and a fourth had resigned before disciplinary procedures had concluded.
The spokesman said none of the security breaches involved'hacking' by outside criminals, and a 'whole range of protocols and procedures' were in place to protect Home Office databases from unauthorised staff use.
He said: 'System checks are routinely carried out and any violation is dealt with severely.'
The spokesman added that the ID Cards database would be a 'completely different' system.
Home Office figures show that the department's databases have been successfully penetrated on average once a year since 2001.
Four of these security failures were at databases maintained by the IPS, an executive agency of the Home Office created in April.
Computer experts warn that more security breaches are likely to have gone undetected.
Phil Booth, of the NO2ID campaign, said government databases would always be vulnerable to unscrupulous staff.
'That these breaches have taken place in the very agency that is supposed to be protecting the identities of every citizen in this country is a damning indictment of the current system,' he said.
'But when you consider that this agency will be running the ID card scheme, it's truly terrifying.'
John Tullett, the technology editor of Secure Computing magazine, said the Home Office would be 'naive' to assume that the total of recorded breaches reflects the real number of security violations at the department.
He said: 'The trend in IT crime is towards "silent" breaches where very competent criminals get into a system and cover their tracks so they can get in again in future, all without the victim ever knowing.'
Reader views (3)
After personal experience with h/o nothing suprises me anymore, now they want to introduce these cards. Just another blunder waiting to happen, perhaps they should tighten up what they have all ready in hand before giving them selves more work.
- Fion, London, UK
Reveleations 13:16-17 - He also forced everyone, small and great, rich and poor, free and slave, to receive a mark on his right hand or on his
forehead, so that no one could buy or sell unless he had the mark, which is the name of the beast or the number of his name.
Revelation 13:18 - Here is wisdom. Let him who has understanding calculate the number of the beast, for the number is that of a man; and his number is six hundred and sixty-six.
- Jimmy, London
I wonder if they got the idea from their Australian collegues?
- Igor, Newcastle, UK
