The two discs had still not been found, he added, despite searches by both police and HMRC staff, but there was no evidence of any fraudulent activity as a result of the loss.
He "apologised unreservedly" to everyone affected by the data loss and said the public were entitled to expect government departments would protect their personal details.
He called for a "change of culture" across Whitehall so that "security is first and foremost in people's minds" following a string of further data breaches, including officials losing lap top computers.
The child benefit records were posted from HMRC to the National Audit Office in London - when they failed to arrive another copy was sent that did reach its destination.
But police were unable to locate the missing information, raising fears that it could be exploited by identity thieves.
When he briefed MPs on the loss in November, Mr Darling insisted a "junior official" had been responsible for posting the information "contrary to all HMRC standing procedures".
This is a kind of institutionalised incompetence
Francis Maude Conservatives
But he told MPs he accepted the Poynter Report findings in full - and said changes to the management structure of HMRC were already underway.
He said the report did not blame the loss of the data on the merger of HM Customs and the Inland Revenue, which was brought in by his predecessor as chancellor Gordon Brown.
But it did find the "complex system of management installed after the merger was not suitable".
Lib Dem Treasury spokesman Vince Cable said this meant Mr Brown had been to blame.
"The responsibility does indeed lie with the present prime minister, for a specific decision which he made, which is the decision to remove 24,000 of the Inland Revenue staff.
"The consequence of which is that the Inland Revenue is now hopelessly ill-equipped to handle to growing complexity of the tax system and tax credits."
And shadow Cabinet Office minister Francis Maude said the "spatchcocking together" of the Inland Revenue, Customs and the Benefits Agency had "led directly to this lamentable failure".
He said ministers had failed to heed three previous warnings on data security in three previous reports.
"Frankly for the government to come along to say 'Oh it's a great surprise to us to find that these procedures weren't in place,' just won't do. This is a kind of institutionalised incompetence."
A separate report, by the Independent Police Complaints Commission, said data security processes at HMRC were "woefully inadequate" with "a complete lack of any meaningful systems" and a "muddle-through" ethos.
Few members of staff appreciated the highly sensitive nature of the information contained on the discs - and one who did voice concern was rebuked by a manager, the report said.
If an internal review being carried out at the time the discs were lost had been given higher priority the incident might have been avoided, it added.
All civil servants dealing with personal data will be forced to undergo annual training, as part of a package of measures designed to prevent a repeat of the HMRC scandal and data losses by the Ministry of Defence (MoD), it was announced earlier.
The Information Commissioner, Richard Thomas, said: "The reports that have been published today show deplorable failures at both HMRC and MoD.
"Whilst these breaches have been highly publicised and involve big numbers, sadly they are not isolated cases."
Mr Thomas said he would be taking formal enforcement action against HMRC and MoD - meaning they could face criminal prosecutions if they do not follow the recommendations set out in the reports.
Lessons had to be learned from recent data losses and information security "taken a great deal more seriously by those in charge of organisations", added Mr Thomas.
This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.