Tuesday 23 January 2018

HMRC Takes The Protection of Customer Data Extremely Seriously and Has a Strong Security Culture!


As per The Register:
"Almost 1,500 software developers registered to use the UK taxman's sandbox or API platform have had their email addresses blabbed in a mass mailing.

The snafu happened on Friday afternoon, when an email about the HMRC Developer Hub was accidentally sent with users' addresses visible in the CC field.

The email, with the subject line "API Platform update", was sent by the software developer support team at 1604 GMT.

"Please note the HMRC Developer Hub will remain shuttered over the weekend to allow us to continue testing the service. The Developer Sandbox for testing remains available. The API Platform is working as expected," the seemingly innocent email stated.

However, about an hour later, someone must have pointed out the mistake, and the team issued a recall for the message, which meant the same group received another email with all 1,455 or so email addresses cc'd in.

At 1809, a third email – this time blind-copying in the list – was sent to apologise for the breach.
"HMRC's policy is always to protect customer data, and we take this responsibility very seriously," the email said.

"Unfortunately, in a recent email, a mistake was made and your email address may have been shared with other recipients.

"I wish to apologise for this error and for any distress this may have caused."

As the Reg reader who alerted us to the cock-up observed, this kind of error is easily made, especially when the time is ticking away to beer o'clock.

An HMRC spokesperson said: "HMRC takes the protection of customer data extremely seriously and has a strong security culture.

"We can confirm that this matter was immediately reported through our internal incident reporting process and will be fully reviewed. We have contacted the software developers affected to alert them and to apologise."
It's enough to make you weep!

Tax does have to be taxing.

Professional Cover Against the Threat of Costly TAX and VAT Investigations

Insurance to protect you against the cost of enquiry or dispute with HMRC is available from several sources including Solar Tax Investigation Insurance.

Ken Frost has negotiated a 10% discount on any polices that may suit your needs.

However, neither Ken Frost nor HMRCISSHITE either endorses or recommends their services.

What is Solar Tax Investigation Insurance?

Solar Tax Investigation Insurance is a tax-fee protection service that will pay up to £75,000 towards your accountant's fees in the event of an HM Revenue & Customs full enquiry or dispute.

To find out more, please use this link Solar Tax Investigation Insurance



HMRC Is Shite (www.hmrcisshite.com), also available via the domain www.hmrconline.com, is brought to you by www.kenfrost.com "The Living Brand"

4 comments:

  1. These are the same I.T imbeciles who have been producing a truly awful service to the HMRC staff daily...but are still getting paid big bucks and handed out gongs for no reason whatsoever...a horrible bullying place to work !! Fuck 'em.

    ReplyDelete
  2. They take data security seriously? Sorry, utter BS. I am a victim of HMRC data breaches. An HMRC manager went blabbing to third parties leaving my personal safety at risk. Moreover, when I made a Subject Access Request, HMRC sent me unlawful third party data relating to HMRC employees and taxpayers. I wrote to HMRC, pointing out their error, but they failed to respond appropriately.

    ReplyDelete
    Replies
    1. That is because there is no accountability in the HMRC...unless of course you are an AA or AO...then they come down on you like tonne of bricks...bastards !!
      It wasn't always like this...but now it is the nauseating norm.

      Delete
  3. The Muppets have until May to sort themselves out. No doubt their attention is already focussed upon the forthcoming EU General Data Protection Regulation what with a Directorship of Cyber Security & Information Risks advertising last year for a new post - Data Protection Officer salary £118k.
    Well you would hope so, as for data breaches will include fines up to euro 20m or 4% of global annual turnover, which for The Muppet Show must be fecking huge, as by its own figures (?) it recently moved 99 million Tax & NI records from old legacy systems into a new virtualised system and holds over 2.5 billion pieces of data on individuals within the UK alone!

    Iceberg, tip of, deckchairs already floated away, CQ/CQ/CQ....

    ReplyDelete