Feeds

Government cock-up over online PIN numbers

Code for access to tax returns sent to wrong address

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

The Government may have sent out hundreds of activation PIN numbers for its online gateway to the wrong addresses.

Reg reader Ed Hoppitt was very surprised when he received a letter from UK Online at his single detached house in Suffolk addressed to a Mr GJ Worthington and containing an activation number for the government gateway at www.gateway.gov.uk.

The Government Gateway is the entry point for citizens to all online government services, including the Inland Revenue. Services available once logged in include access to tax and VAT returns, enrolment to government schemes and the ability to send official forms to government agencies.

The letter informs Mr Worthington: "You must keep your User ID safe and not share it with anyone." Mr Hoppitt told us that he hasn't registered with UK Online and knows of no one called GJ Worthington.

When he called an enclosed helpline number, the operator asked him to open the shaded paper which protects the PIN and read it to her. She then confirmed that the computer system had Mr Worthington down as living at Mr Hoppitt's address.

A government spokeswoman refused to speculate on whether more PINs may have gone to the wrong addresses. "We are looking into the matter as we speak," she told us. It was the first UK Online had heard of a PIN going to the wrong address.

However, the government remains unconcerned over any security breach. "We are confident that security has not been compromised," we were told. "You still need a password - which wasn't in the letter - to get into the system."

The PIN number itself will expire in 14 days and presumably some time after that Mr Worthington will get in touch with UK Online to ask where the hell his letter is. ®

Beginner's guide to SSL certificates

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.