back Back

Her Majesty’s Revenue and Customs reported 17 serious data breaches to ICO

By Joy Dumasia

December 14, 2021

  • Breach
  • Data Breach
  • Europe

Her Majesty’s Revenue and Customs (HMRC) has reported a total of 17 serious data breaches to the Information Commissioner’s Office (ICO) over 15 months, from January 2020 to March 2021. The data analysed by niche litigation practice Griffin Law revealed in HMRC’s recently published Annual Report and Accounts.

According to the report, a total of 3,017 people were potentially affected by personal data-related incidents. In the most significant incident, 1,023 people were potentially impacted when an HMRC staffer used confidential information to change customer records on Her Majesty’s Revenue and Customs systems without authorisation. The most alarming infringement saw an HMRC employee caught accessing an internal system to locate his estranged wife and children, potentially affecting a total of 4 people.

During an office relocation, a customer’s locked pedestal desk was forced open, resulting in exposed personal identifiers such as ethnic origin and religious beliefs. The most frequent breach involved HMRC staffers using personal information to alter customer records on HMRC systems. This occurred on 11 separate occasions, potentially impacting a combined total of 2,999 people. HMRC stated in the report that they have learnt lessons from the incidents and are using them to review and strengthen their customer identity and authentication process.

HMRC stated in the report: “Protecting customer data is important to us, and we monitor our processes continually to prevent recurrences. In addition, HMRC is delivering enhanced data security, governance and reporting across the department.”

Donal Blaney, Founder of Griffin Law, commented on the breaches, stating: “HMRC wields draconian powers, and is increasingly out of control. This is further evidence that HMRC needs to be reined in. They think they’re above the law. They’re not. Such abuse of its powers, and such criminality, should be investigated to the fullest extent possible by the Information Commissioner and the police if taxpayers are to retain any confidence in HMRC.”

Previous Article

December 14, 2021

APImetrics partners with Finextra to provide public access to open banking, FinTech and crypto API performance data

Read More
Next Article

December 14, 2021

KAF to launch digital lending on the Temenos Banking Cloud

Read More

IBSi Daily News Analysis


March 05, 2024


Regulated firms at risk of financial crime due to lack of daily customer due diligence

Read More

IBSi FinTech Journal

  • Most trusted FinTech journal since 1991
  • Digital monthly issue
  • 60+ pages of research, analysis, interviews, opinions, and rankings
  • Global coverage
Subscribe Now

Other Related News


MinkasuPay bags India’s patent for its biometric payment technology

Read More

February 29, 2024

The Deep Dive: Cloud Account Takeover

Read More

February 21, 2024

Signzy acquires 8i funded Difenz to advance AI compliance solutions

Read More

Related Reports

Sales League Table Report 2023
Know More
Global Digital Banking Vendor & Landscape Report Q4 2023
Know More
Wealth Management & Private Banking Systems Report Q4 2023
Know More
IBSi Spectrum Report: Supply Chain Finance Platforms Q4 2023
Know More
Treasury & Capital Markets Systems Report Q4 2023
Know More

IBSi Sales League Table

The industry acknowledged barometer of global banking technology vendor performance!
Get your copy now!
Get your copy now! IBSi Sales League Table 2023