© Copyright Acquisition International 2026 - All Rights Reserved.

Article Image - HMRC under fire for 11 ‘serious’ personal data breaches affecting over 20,000 people
Posted 9th December 2020

HMRC under fire for 11 ‘serious’ personal data breaches affecting over 20,000 people

Law firm accuses taxman of ‘breath-taking incompetence’ over catalogue of data loss incidents affecting tens of thousands of members of the public.

Mouse Scroll AnimationScroll to keep reading

Let us help promote your business to a wider following.

HMRC under fire for 11 ‘serious’ personal data breaches affecting over 20,000 people

data breach

HM Revenue and Customs (HMRC) has reported 11 ‘serious’ personal data incidents to the Information Commissioner’s Office (ICO) in the most recent financial year, according to official figures.

The incidents, disclosed in HMRC’s newly published annual report, are estimated to have affected 23,173 people in total and have been analysed by litigation practice Griffin Law.

The most widespread and serious personal data incident recorded in the report happened in May this year at the height of lockdown, when National Insurance number letters relating to 16-year-old children were sent out with incorrect details, impacting up to 18,864 members of the public.

However, the most severe incident occurred in February 2020, when a fraudulent attack resulted in 64 employees’ details being obtained from three PAYE schemes. Name, contact details and ID data, such as passwords and usernames, were leaked, and an estimated 573 people are said to have been impacted as a result.

According to the report, which was released on the 5th of November, the affected customers had not yet been contacted, but the incident is still under investigation.

Other data incidents documented by HMRC in their annual report include a cyber attack against an agent and their client data, affecting 25 people; an incorrectly accessed tax payer record, and resulting refund to the taxpayer’s mother; leak of addresses and property details due to usage of the incorrect Excel spreadsheet, and, leak of medical documents, private correspondence and company data due to paperwork being left on a train.

A further 3,616 ‘centrally managed’ security incidents were also recorded; however specific details of these incidents were not revealed.

HMRC stated the following in the report: “We deal with millions of customers every year and tens of millions of paper and electronic interactions. We take the issue of data security extremely seriously and continually look to improve the security of customer information. We investigate and analyse all security incidents to understand and reduce security and information risk. We actively learn and act on our incidents. For example, by making changes to business processes relating to post moving throughout HMRC and undertaking assurance work with third party service providers to ensure that agreed processes are being carried out.”

 

Cyber security expert Tim Sadler, CEO, Tessian commented:

“Human error is the leading cause of data breaches today. And given that people are in control of more data than ever before, it’s also not that surprising that security incidents caused by human error are rising. 

“That’s not to say, though, that people are the weakest link when it comes to data security. Mistakes happen – it’s human nature – but sometimes these mistakes can expose data and cause significant reputational and financial damage. It’s an organisation’s responsibility, then, to ensure that solutions are put in place to prevent mistakes that compromise cybersecurity from happening – alerting people to their errors before they do something they regret.” 

 

Donal Blaney, principle, Griffin Law added:

“Taxpayers have a right to expect their sensitive personal data to kept secure by the taxman. The Information Commissioner should immediately investigate HMRC for these breaches and hold the taxman to account for this breathtakingly incompetence”.

Categories: Legal


You Might Also Like
Read Full PostRead - Eye Icon
Creating an Effective Crisis Communication Plan in 2024
News
15/04/2024Creating an Effective Crisis Communication Plan in 2024

Having a solid crisis communication plan is determining for organizations In today’s business climate. With only 49% of U.S. companies possessing a formal plan in 2023, it became increasingly evident that businesses need to be prepared for worst-case sce

Read Full PostRead - Eye Icon
Ones to Watch in IP, 2016 – M&M Advocates
Legal
08/06/2016Ones to Watch in IP, 2016 – M&M Advocates

M & M Advocates and Consultants is a full service Law Firm.

Read Full PostRead - Eye Icon
Businesses That Help Boost the Circular Economy
Corporate Social Responsibility
20/01/2022Businesses That Help Boost the Circular Economy

Here, we explore businesses that were created with reusing and recycling as their core purpose and why they’re important for the wellbeing of the environment.

Read Full PostRead - Eye Icon
Common Mistakes Families Make When Applying for Medicaid
Legal
20/03/2026Common Mistakes Families Make When Applying for Medicaid

Georgia’s long-term care landscape is as diverse as its terrain, ranging from the bustling medical hubs of Atlanta to the quiet, community-focused corners of the Blue Ridge foothills. For many Peach State families, the transition into elder care brings a

Read Full PostRead - Eye Icon
Retention and Productivity Top Advantages of Health and Wellbeing for Companies With Overseas Staff
News
21/01/2026Retention and Productivity Top Advantages of Health and Wellbeing for Companies With Overseas Staff

Companies with overseas employees put staff retention and the boost to productivity at the top of the list of advantages in offering health and wellbeing support, according to research from the employee benefits team at Everywhen.

Read Full PostRead - Eye Icon
Why Moderating Your Social Media is Important as a Business
Innovation
25/11/2022Why Moderating Your Social Media is Important as a Business

Sadly, even the most useful tool can quickly become a destructive weapon when it is placed in the wrong hands. This fact of life permeates every industry, every family, every community. Something designed to valuable and beneficial can be used to cause harm wh

Read Full PostRead - Eye Icon
How to Conduct Real Estate Market Research Like a Pro For Your Modern Business
News
24/04/2024How to Conduct Real Estate Market Research Like a Pro For Your Modern Business

Learning how to conduct real estate market research and be like a pro in modern business is important.

Read Full PostRead - Eye Icon
How to Better Navigate Your Team Through a Merger or Acquisition
Leadership
19/07/2022How to Better Navigate Your Team Through a Merger or Acquisition

2021 was a record year for mergers & acquisitions (M&A) activity. In the US alone, M&A accounted for $581 billion. Yet according to the Harvard Business Review, studies repeatedly show that between 70 – 90% of mergers and acquisitions fail. A lack of support

Read Full PostRead - Eye Icon
Money Grows: Increasing Your Capital
News
13/03/2023Money Grows: Increasing Your Capital

It can be reassuring to know that you are able to pay the bills and still have some cash left over at the end of the month. However, for many people, the last few days before payday can result in loans or credit cards being relied upon.



Our Trusted Brands

Acquisition International is a flagship brand of AI Global Media. AI Global Media is a B2B enterprise and are committed to creating engaging content allowing businesses to market their services to a larger global audience. We have a number of unique brands, each of which serves a specific industry or region. Each brand covers the latest news in its sector and publishes a digital magazine and newsletter which is read by a global audience.

Arrow