Every parent in the country has been put at risk of fraud and identity theft after the Government lost 25 million personal records in Britain’s worst ever data protection breach.
Two compact discs containing bank details and addresses of 9.5 million parents and the names, dates of birth and National Insurance numbers of all 15.5 million children in the country went missing after a junior employee of HM Revenue and Customs put them in the post, unrecorded and unregistered.
....experts warned that the data could be hoarded for years by criminal gangs before being used to commit fraud on an unparalleled scale.
....The discs - which were not encrypted - also contained all the information a criminal would need to commit identity theft by applying for loans, credit cards and goods in someone else’s name.
....The CDs were posted on October 18 from HMRC’s offices near Newcastle, but failed to arrive at their destination, the National Audit Office in London.
Managers at HMRC were not informed until November 8, and Mr Darling was told on November 10, but the police were not called in until November 15 - a week after managers were told and five days after Mr Darling knew about it.
HMRC said the staff member who sent the CDs assumed they had gone missing in the postal strike or in an office move by the NAO and kept quiet “hoping that it would turn up”.