HMRC comes under fire over ‘serious’ personal data breaches

Griffin Law has accused HMRC of “breath-taking incompetence” over 11 ‘serious’ personal data breaches that affected more than 20,000 people.

Last month HMRC published its annual report which outlines several data breach incidences.

According to the Kent-based law firm, the most widespread and serious personal data incident recorded in the report happened in May this year at the height of lockdown, when National Insurance number letters relating to 16-year-old children were sent out with incorrect details, impacting up to 18,864 members of the public.

"Human error is the leading cause of data breaches today. And given that people are in control of more data than ever before, it's also not that surprising that security incidents caused by human error are rising,” said Tim Sadler, CEO, Tessian. "That's not to say, though, that people are the weakest link when it comes to data security. Mistakes happen - it's human nature - but sometimes these mistakes can expose data and cause significant reputational and financial damage.

“It's an organisation's responsibility, then, to ensure that solutions are put in place to prevent mistakes that compromise cybersecurity from happening - alerting people to their errors before they do something they regret."

A HMRC spokesperson said: "We deal with millions of customers every year and tens of millions of paper and electronic interactions. We take the issue of data security extremely seriously and continually look to improve the security of customer information. We investigate and analyse all security incidents to understand and reduce security and information risk. We actively learn and act on our incidents."

    Share Story:

Recent Stories


Bringing Teams to the table – Adding value by integrating Microsoft Teams with business applications
A decade ago, the idea of digital collaboration started and ended with sending documents over email. Some organisations would have portals for sharing content or simplistic IM apps, but the ways that we communicated online were still largely primitive.

Automating CX: How are businesses using AI to meet customer expectations?
Virtual agents are set to supplant the traditional chatbot and their use cases are evolving at pace, with many organisations deploying new AI technologies to meet rising customer demand for self-service and real-time interactions.