© Copyright Acquisition International 2026 - All Rights Reserved.

Article Image - HMRC under fire for 11 ‘serious’ personal data breaches affecting over 20,000 people
Posted 9th December 2020

HMRC under fire for 11 ‘serious’ personal data breaches affecting over 20,000 people

Law firm accuses taxman of ‘breath-taking incompetence’ over catalogue of data loss incidents affecting tens of thousands of members of the public.

Mouse Scroll AnimationScroll to keep reading

Let us help promote your business to a wider following.

HMRC under fire for 11 ‘serious’ personal data breaches affecting over 20,000 people

data breach

HM Revenue and Customs (HMRC) has reported 11 ‘serious’ personal data incidents to the Information Commissioner’s Office (ICO) in the most recent financial year, according to official figures.

The incidents, disclosed in HMRC’s newly published annual report, are estimated to have affected 23,173 people in total and have been analysed by litigation practice Griffin Law.

The most widespread and serious personal data incident recorded in the report happened in May this year at the height of lockdown, when National Insurance number letters relating to 16-year-old children were sent out with incorrect details, impacting up to 18,864 members of the public.

However, the most severe incident occurred in February 2020, when a fraudulent attack resulted in 64 employees’ details being obtained from three PAYE schemes. Name, contact details and ID data, such as passwords and usernames, were leaked, and an estimated 573 people are said to have been impacted as a result.

According to the report, which was released on the 5th of November, the affected customers had not yet been contacted, but the incident is still under investigation.

Other data incidents documented by HMRC in their annual report include a cyber attack against an agent and their client data, affecting 25 people; an incorrectly accessed tax payer record, and resulting refund to the taxpayer’s mother; leak of addresses and property details due to usage of the incorrect Excel spreadsheet, and, leak of medical documents, private correspondence and company data due to paperwork being left on a train.

A further 3,616 ‘centrally managed’ security incidents were also recorded; however specific details of these incidents were not revealed.

HMRC stated the following in the report: “We deal with millions of customers every year and tens of millions of paper and electronic interactions. We take the issue of data security extremely seriously and continually look to improve the security of customer information. We investigate and analyse all security incidents to understand and reduce security and information risk. We actively learn and act on our incidents. For example, by making changes to business processes relating to post moving throughout HMRC and undertaking assurance work with third party service providers to ensure that agreed processes are being carried out.”

 

Cyber security expert Tim Sadler, CEO, Tessian commented:

“Human error is the leading cause of data breaches today. And given that people are in control of more data than ever before, it’s also not that surprising that security incidents caused by human error are rising. 

“That’s not to say, though, that people are the weakest link when it comes to data security. Mistakes happen – it’s human nature – but sometimes these mistakes can expose data and cause significant reputational and financial damage. It’s an organisation’s responsibility, then, to ensure that solutions are put in place to prevent mistakes that compromise cybersecurity from happening – alerting people to their errors before they do something they regret.” 

 

Donal Blaney, principle, Griffin Law added:

“Taxpayers have a right to expect their sensitive personal data to kept secure by the taxman. The Information Commissioner should immediately investigate HMRC for these breaches and hold the taxman to account for this breathtakingly incompetence”.

Categories: Legal


You Might Also Like
Read Full PostRead - Eye Icon
Construction Lawyer Reaches New Heights
Leadership
14/04/2020Construction Lawyer Reaches New Heights

Law is an arena in which experience and expertise can provide a cutting edge over the competition. In construction law today, being knowledgeable about everything from planning to completion is a necessity. Bringing all of that and so much more to the table is

Read Full PostRead - Eye Icon
Russia’s investment will ensure stable supply of Russian crude through 2021
Finance
02/02/2018Russia’s investment will ensure stable supply of Russian crude through 2021

Russia’s investment will ensure stable supply of Russian crude through 2021

Read Full PostRead - Eye Icon
Care By the Sea
Leadership
09/03/2021Care By the Sea

So much more than simply a domiciliary care agency, Overington Care does not merely assist people to live an independent life in their own homes, it also has a strong focus on the mental wellbeing of its clients and its staff. Founder and owner, Nichola, tells

Read Full PostRead - Eye Icon
How to Showcase Expertise to Grow Your Visibility Online
News
17/05/2023How to Showcase Expertise to Grow Your Visibility Online

In 2023, it’s not possible to operate a successful business and not have an online presence. But today, search engines are looking for more than just a website that you update every now and then. Google expects businesses to showcase their expertise and buil

Read Full PostRead - Eye Icon
Magento Open Source Vs. Adobe Commerce: Understanding the Differences
Innovation
30/10/2023Magento Open Source Vs. Adobe Commerce: Understanding the Differences

Magento is a popular platform for creating and managing ecommerce websites. According to BuiltWith, it’s the third most used Magento O among the top 100,000 sites.

Read Full PostRead - Eye Icon
One in Three Enterprise Devices Lack Encryption as Shadow AI Runs Wild 
News
01/10/2025One in Three Enterprise Devices Lack Encryption as Shadow AI Runs Wild 

Over one in three (35)% of enterprise PCs are not encrypted, despite standard security policies, amid millions of visits to generative AI platforms such as DeepSeek, often without formal approval or monitoring. 

Read Full PostRead - Eye Icon
How to Find the Right Bookkeeping Service for Your Business
Finance
24/03/2026How to Find the Right Bookkeeping Service for Your Business

For high-growth businesses, successful scaling depends on attention to the small details. Having a strong sense of financial clarity grows in proportion to operational ambition and is both an administrative requirement and a strategic asset.

Read Full PostRead - Eye Icon
Beyond the Crash: Strategic Risk Management and the True Cost of Traffic Accidents for Businesses
Legal
27/01/2026Beyond the Crash: Strategic Risk Management and the True Cost of Traffic Accidents for Businesses

In today’s interconnected economy, the impact of serious road traffic accidents extends far beyond immediate medical bills and vehicle damage. For organisations that underwrite risk, manage fleets, or provide services tied to employee safety and liability, u

Read Full PostRead - Eye Icon
The Impact of Courier Services on E-commerce Businesses
News
03/07/2023The Impact of Courier Services on E-commerce Businesses

In this digital era we’re all living in, e-commerce has truly shaken up the way businesses function, offering ease and accessibility to folks all around the globe. The success of any e-commerce venture largely depends on a trusty and proficient courier s



Our Trusted Brands

Acquisition International is a flagship brand of AI Global Media. AI Global Media is a B2B enterprise and are committed to creating engaging content allowing businesses to market their services to a larger global audience. We have a number of unique brands, each of which serves a specific industry or region. Each brand covers the latest news in its sector and publishes a digital magazine and newsletter which is read by a global audience.

Arrow