• On TV.com: TOP 10 Shows CANCELED Too Soon
November 3, 2008 4:04 PM PST

British tax site goes dark after data security breach

by Elinor Mills

Security breaches happen all the time. But a recent incident in England is particularly worrisome and illustrates the risks of storing sensitive data on USB thumb drives which can easily slip out of a pocket or briefcase.

The British Department for Work and Pensions shut down a consumer Web site after a flash drive containing confidential passwords and source code was found in the parking lot of a pub two weeks ago, according to the Daily Mail.

The Government Gateway site, which about 12 million citizens use to file tax returns and pay parking tickets, contains addresses, salaries, National Insurance numbers, and credit card information.

The drive was lost by a 29-year-old IT analyst at Atos Origin, which has a contract to manage the Web site for the British government, according to the report.

"Not only would a fraudster be able to take personal details using the tools provided on the lost memory stick, but the extent of the information contained in the source code would allow a hacker to access the Government Gateway's payment systems and even divert tax money into private bank accounts," Jacques Erasmus of Internet protection firm Prevx told the paper.

The data was password protected but it would be "relatively easy" to crack, he said.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

Privacy & data protection

Tags:

England,

security,

privacy

Share:
Digg
Del.icio.us
Reddit
advertisement
Click here!
Recent posts from Security
Apple plugs holes for domain spoofing, other attacks
Microsoft launches Forefront Protection 2010
'60 Minutes'--Cyberwar: Sabotaging the system
Microsoft to fix holes in Windows, Office
Google privacy controls: Most people won't care
Zero-day flaw found in Web encryption
Mac Game: Art project or malware?
Corporate bank accounts targeted in online fraud
Related
ChoicePoint to pay $275,000 in latest data breach
IBM privacy chief: Asia need not mimic Europe
Hacked Web mail accounts used to send spam
MobileMe: Syncing keychains asks for a password to a different computer
LA approves $7.2 million Google Apps deal
Q&A: Schneier warns of marketers and dancing pigs
Bank Trojan botnet targets Facebook users
Apple KB Updates: Windows printing, multiple iPods with one Mac, iMovie '09, and more.
Add a Comment (Log in or register) (4 Comments)
  • prev
  • 1
  • next
by NewsReader_ November 3, 2008 6:20 PM PST
Correction :-)

The drive was lost by a "former" 29-year-old IT analyst at Atos Origin
Reply to this comment
by Hunnter2k3 November 4, 2008 4:12 AM PST
Seriously can't believe these things even happen.

When i was at college, i never lost my drive because i knew it would screw my work up by a few days, but losing THIS?! I don't think he will ever be hired again by any IT company...

But even then, the fact that these things aren't Truecrypted or similar, or even better, put in another container which has GPS, is rather shocking.
Reply to this comment
by askgees November 4, 2008 10:12 AM PST
This is just another example of the problems faced today. It's not the systems that are the risk, it's the people who manage them. The person who copied the data to the flash drive and then lost it should be fired or placed in another position where brains are not necessary. Any data transferred to a jump drive should be stored on a secure jump drive not just any old drive. Second of all not securing the drive is worse. It only proves that the weak link is the human link.
Reply to this comment
by csegeek November 6, 2008 6:07 PM PST
The Dreaded Flash Drive the most Dangerous IT Tool

These little marvels of technology have made life easy for IT, the common worker, and even myself.

The drives now come in a variety of sizes that will suit almost anyone?s needs, from 1GB for $5.99 for documents, pictures, and music to 32GB $59.99 that will transport six full length DVD quality movies with room to spare for documents, pictures, and your favorite mp3?s. The larger models could even transport a mid-sized company?s entire data base containing all of their customer?s information.

There in lies the problem. Data Security needs to be a ground up item, starting with the people that have access to the information


<a href="http://cegeekbook.blogspot.com">ce's geekbook</a>

csegeek
Reply to this comment
(4 Comments)
  • prev
  • 1
  • next
advertisement

After 5 years, Firefox faces new challenges

Mozilla helped reshape the Web since releasing Firefox 1.0 five years ago. Now it's got a reawakened Microsoft and Google Chrome to reckon with.

There's a map for that: GPS or smartphone?

Almost every handset comes with mapping software these days, but standalone GPS devices are becoming more affordable than ever.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET