- Tuesday, 17 November 2009
- INQ Mobile
- RSS
We have no lapscorchers in our organisation - Intel executive
Government lied about data left in pub car park
THE UK GOVERNMENT needs to get "realistic" and "stop making things up" says computer insecurity tech-spert, Jacques Erasmus from Prevx, telling the INQUIRER that a data stick lost by a government employee was unencrypted.
Claiming the memory stick found in the car park of a Staffordshire pub had a lot more on it than just a few user names and passwords, as the government had suggested, Erasmus noted it actually contained "really valuable information" as well as a fairly recent source code.
Spinners for the Department for Work and Pensions reckoned the security software and passwords on the data stick were protected "using an industry standard technique which is difficult to break" and that a source code and step-by-step guide to the system provided in a text file were old and of "low risk".
But the stick was "totally unencrypted and all the data was totally readable " according to Erasmus who reckoned it would have been relatively easy for someone in possession of it to access the Government Gateway site and redirect tax money into a personal bank account, for instance.
Erasmus said the government was deliberately trying to "play down" the seriousness of the incident because the memory stick had been found and handed in, meaning the potential damage was limited. In other circumstances, however, the information on the data stick, and especially the source code, could have handed 'invaluable' information to people interested in hoarding precious personal details or even defrauding the government.
On top of giving away the system blueprint, the stick was also jam packed with personal data including people’s names, addresses, salaries, individual tax liabilities and even the National Insurance numbers of a group of taxpayers.
Atos Origen, the computer management firm whose 29 year old employee, Daniel Harrington, lost the memory stick is apparently taking the issue “very seriously”, as one would expect from a firm on a £46.7million government contract.
Erasmus urged that the government now take matters a little more seriously too, to "get to the bottom of things" and ensuring it didn’t happen again. µ
See
Also
Another Whitehall data loss strikes
Share this:
ShareBusiness Intelligence Software
Customer Relationship Management (CRM)
Enterprise Accounting Software
Enterprise Resource Planning (ERP)
Enterprise Systems Management
You do not need access to the Government Gateway site in order to redirect tax money into a personal bank account. Just ask the people who are in charge of the finger printing, DNA sampling, ID card and so-called national security schemes how easy it is to redirect tax money.
You saw their lips move, didn't you?
this was a stupid attempt to draw out some Jihads its if you will. loose a memory stick with lots of sensitive material, and hopefully Osama starts reading the shit in his cave with electricity mind you, the memory card has a hidden mic, it realizes that the terrible Osama is there, an alarm is sounded back at MI6, bond comes out, touches a button on his watch, and BOOM.

interesting fact 
Al-Qaeda is the name of a mission the CIA game to the mujahedeen. there isnt even such a group called al-qaeda