Advertisement

HMRC sees serious personal data incidents rise 60% in 12 months

The UK tax office reported 29 system breaches over the course of 2023-2024, with over 35,000 individuals impacted. 

Colorful software or web code on a computer monitor

These incidents were all considered ‘serious’, according to details passed to the Information Commissioner’s Office, and represent a significant increase on the previous year. 

Up 60%, six of the incidents saw ‘personal data used to make changes to customer records on HMRC systems without authorisation. A further three incidents involved ‘loss of inadequately protected electronic equipment, devices or paper documents from secured government premises.’

Further to this, on two occasions losses of equipment occurred at non-government locations. Meanwhile, there were 14 instances of ‘unauthorised disclosure’. However, the report notes that around 1.5billion suspicious and malicious events and potential attacks are blocked by HMRC security protocols on a monthly basis.  

We take all these incidents seriously and are acting to address them,’ the HMRC report stated. ‘We have used the lessons learned from these incidents to review and strengthen our customer identity and authentication processes. Protecting customer data is important to us and we continually monitor our processes to prevent recurrences. We are also delivering enhanced data security, governance and reporting across HMRC.’

The figures have been released amid a £200million upgrade programme, remediating systems to ensure full compliance with General Data Protection Regulations. By April, 76 IT systems had completed this process, up from 17 during the previous 12 months. 

‘We take the protection of our customers’ information very seriously and monitor our systems and data to ensure information is safe,’ said a spokesperson for HMRC. ‘We investigate all security incidents and continuously invest in security systems to ensure they offer the latest protection. We are aware of our data protection obligations and are committed to meeting them.’

More online networks and computing:

EE deploys first 5G ‘small cells’ in Croydon 

AI Festival in Milton Keynes, October 28 – November 1, 2024

The UK is building an ‘unhackable’ quantum internet

Image: Markus Spiske

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Help us break the news – share your information, opinion or analysis
Back to top