BBC News
watch One-Minute World News
Last Updated: Tuesday, 20 November 2007, 17:51 GMT
How worried should people be?
By Ian Pollock
Personal finance reporter, BBC News

Alistair Darling
The missing discs were password protected, said the Chancellor
The loss, by HM Revenue and Customs, of computer discs with details of about 25m child benefit recipients, is the biggest loss yet of personal data in the UK.

Now the Chancellor, Alistair Darling, is trying to reassure millions of families whose details have been lost.

He said there was no evidence the discs had fallen into the wrong hands or that the information had been used for fraud.

Irregular activity

The two discs which have been lost - which were password protected - contained full names, addresses, dates of birth, national insurance numbers and bank and building society details.

Check your bank statements for odd transactions
Monitor your account if you bank online
Change your account password if it is a date of birth or name
Source: Apacs

But Mr Darling said that according to the banking industry, these details on their own would not be enough to lead to a fraud as additional security measures are used by banks.

Even so, he told MPs that banks would ensure that no one lost any money in the event that fraud did take place, and that child benefit will continue to be paid as normal.

Meanwhile people are advised to check their bank statements and accounts for any "irregular activity" and contact their bank if they spot something suspicious.

There is no need for anyone to close or change their bank accounts, said Mr Darling.

Responding to the Chancellor's revelations, the Information Commissioner, Richard Thomas, said all other organisations should take note.

"The alarm bells must now ring in every organisation about the risks of not protecting people's personal information properly," he said.

Advice lines

The banking industry body Apacs has published some advice for the public on its web site.

At this stage, customers should not be unduly concerned
Paul Smee, Apacs

Its chief executive Paul Smee said there had been no evidence of more suspicious activity since 18 October on the bank accounts of the people affected.

"Whilst this incident is extremely serious, at this stage customers should not be unduly concerned, as there's no evidence that the data has fallen into criminal hands," he said.

"In the event that anyone is the innocent victim of fraud as a result of this incident customers can have peace of mind that they enjoy protection under the Banking Code which means that you should not suffer any financial loss as a result," he added.

It is not just bank accounts that are under threat.

The missing information could be used to impersonate someone in order to buy goods or take out a loan.

Anyone who thinks this has happened to them can contact a credit reference agency to check out suspicious use of their identity, or earmark their name and address at the fraud prevention service CIFAS.

The HMRC has set up a Child Benefit Helpline on 0845 302 1444 for customers who want more details.


Despite these reassurances, a rather scarier scenario has been put forward by the technology analysts Gartner.

They warn that if the information is in the hands of criminals, they could try to take over peoples' bank accounts to remove the money in them.

"The data lost - bank account numbers, names and addresses - represents a gold mine for the thieves and is much more valuable to them than credit card numbers or taxpayer id numbers," said Gartner analyst Avivah Litan.

"In fact, in the black market, bank account numbers sell for the highest price, or between $30 and $400 (15 to 200), which is significantly more than the fifty cents to five dollars that criminals pay for credit cards," she said.


Some people believe they may already have been victims of identity theft.

Our bank was at a loss to explain how such detailed info was somehow available to someone else
Douglas Thomson, Glasgow
Douglas Thomson from Glasgow told the BBC that he and his wife may have already suffered such a theft.

"On 5 November we had 2,800 removed from our Alliance & Leicester bank account by someone who pretended to be my wife, but convinced our bank through the use of child benefit information to empty our account!"

"At the time, our bank was at a loss to explain how such detailed info was somehow available to someone else. At least we now know how," he said.

However the bank's chief press officer Ginny Broad said the two episodes were unrelated.

"Our security staff have checked this out thoroughly and in fact this had nothing to do with the loss of any child benefit data," she said.

The money was repaid by the bank the next day.

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific