Riskman

What I don't understand is why photo-ID is required. Is someone going to come to my house and check? I imagine there'll be a rush to check out the folks in Oz, NZ etc

D-IFF_ident

Having provided proof of ID via email (a scanned photo id document) they are STILL refusing to tell me if they've lost my data. I have asked the Information Commissioner for advice; I'll let you know what he says.

syncro_single

Had the standard email reply back and then contacted my bank. They recommended this company.

Welcome to CIFAS Online - CIFAS Online

For about £14 per year they can ensure that nobody else can set up direct debits/standing orders on your account.

I have 2 questions:

1. Does anybody have any knowledge of this company?
2. Because the requirement is due to an admin mess up, could I claim for it on JPA?

Wader2

I had exactly the same proof of data email at 1825 yesterday - looks like a batched response.

I pointed out that I was not retired and indeed using an internal MOD system. I got an apology 2 hr 9 min later.

N Joe

The spva website (Help, Advice & Complaints) confirms that DPA requests can only be submitted in writing - apparently contrary to Section 64.

N Joe

D-IFF_ident

N Joe - It is that point that I have specifically complained about to the Information Commissioner. Not only has my sensitive personal information probably been compromised; they won't even acknowledge the fact unless I sent hardcopy - they're adding insult to injury now.

Bladdered

My bank has referred me to this site too. This really is appalling stuff. In my new Company, theft of my identity could result in the loss of security clearnace, which would seriously impact on my ability to do my job. HR advies that potentially this could lead to dismissal on the basis that I cannot do my job. Maybe being a little paranoid but it would help to get some answers from my caring ex-employer who I worked for man and boy for 30 years etc. I would really like to know why this information was backed up to mobile media such as a 'dongle' - was it encrypted - god knows as MOD are saying nothing

A2QFI

I rang the helpline yesterday. Gave my name, rank, DOB and service number and was told they had no idea if my data was missing or compromised and that I should keep an eye on bank accounts for suspicious activity.

4mastacker

My bank, Barclays, has recommended me to sign up to CIFAS as well. They advised that the only downside is there may be delays if applying for credit, but at least the assurance is that the system is working as advertised.

As for the clowns that have caused this debacle, they have now received my written application and if any of them are reading this - the clock is now ticking for them to reply and it doesn't have a pause button.

Reading the Information Commissioner's web-site, it seems to be a bit of a toothless organisation so I feel a visit to my solicitor and/or the police station may be in the offing.

Bladdered, I fully agree with your comment about the 'dongle' - why are they even allowed in such a sensitive area?

N Joe

Today, saw the MOD's FAQs Sheet on this topic. If you haven't seen it, don't waste any energy tracking it down; most of the info was available from this thread.

The most useful answer was that most of the data lost was Annual Reports and only a small proportion of the individuals affected will have lost financial information.

The least useful answer was that the MOD does not consider this a security breach

N Joe

JessTheDog

ACRs, MOD Form 2020, F7500 or whatever are Restricted-Staff. That is a protective marking. The aggregate protective marking of a large number of records would be higher than Restricted. See JSP 440.

It is a security breach. Any claim to the contrary is a lie and an attempt to downplay the incident. They cannot be trusted with personal data and won't be getting any more from me until I claim my pension.

Not sure what is involved in a legal action but I know others have sued the MoD this way - particularly over pensions pre AFPS 75. There would seem to be possible breaches of the Data Protection Act and Human Rights Act as well - any lawyers out there.

Worth pursuing with MPs once Parliament returns as well. I would suggest an apology from SoS Defence and AMP would be appropriate.

Pontius Navigator

It is a play on words. I would have to look up the definition of security breach. The MOD spokesman seems to imply that a security breach would occur if the door was left open or someone emailed the lot out or left the data in a pub or locked car contrary to orders.

In this case it was not a security breach but a breakin, burglary or theft. None of the chosen were at fault so it was not a breach of security orders.

Simple.

Now that smoking is banned in the work place you will have to rely on mirrors alone.

6onthebleeptest

Apologies if people think this thread should be linked to previous ones.

I had the same "chinning off" as others appear to have had when I contacted JPAC to see if my details were on the Innsworth missing hard drives. "Someone will contact you if we think you are affected"

Is it coincidence that, doing my accounts this morning I have, for the first time had a fraudulent transaction on my account? Having spoken to my bank and had my account frozen/cards canceled etc...They advised me that in order for the purchase to have been completed the 's would have to have known my card/bank details and my address!! I keep my account/personal details as safe as possible!!! (Notice I said I keep them safe)

This might be a "one-off" and I might just be unlucky, but my immediate thought is whether anyone else who might have appeared on those elusive hard drives had similar issues

TVM

Pontius Navigator

phew, still OK here.

chevvron

I'm not RAF so I don't get paid via Innsworth but I have had fraudulent transactions on my debit card. First time I noticed my account was light by over £1000 when I withdrew some cash at an ATM. I queried this with the bank, and they read off some transactions at several different Tesco stores (never use his card at Tesco stores) which were certainly not mine (over £300 each.) Anyway I got this sorted; new debit card and my money was re-funded, then about a year later there were two ATM withdrawls on my mini statement of £98 each which weren't mine. Queried this and they asked if I'd been to Montreal 'cos that's where the money was withdrawn - $C200 each. Another card later and my money re-funded again!!
Funnily enough, I was in an optician and a guy there paid a bill with his credit card, and immediately got a text message. He explained it was an automatic system with his bank 'just in case' there was a fraudulent transaction as previously he'd been phoned in the early hours one morning to ask if he'd just bought £2000 worth of photographic equipment in Spain, which of course he hadn't!!

Bladdered

Innsworth - news

Bigt

Has anyone been contacted by the `powers that be` without themselves contacting the `powers that be` in the first place re this theft?

I left in 1995 when PSF was usually staffed by rather attractive young ladies and the chief clerk was the font of all knowledge things admin.

Now it appears the admin system has collasped and some thieving muppets go and steal my records due to a lack of basic security


Mr bloody angry - Devon

D-IFF_ident

I understand from a very reliable source that the RAF Data goons will now accept scanned ID by email.

Doctor Cruces

I e-mailled as soon as the story hit the streets.
Five days later I got a reply stating that I needed to write in and send proof of my identity such as passport, drivers licence, utility bills .......YEAH RIGHT!!!

They cant keep what they've already got in safety so they sure as h*ll not getting my up to date passport , address and driving licence details.

Bl**dy Muppets (sorry Muppets, generic not personal!).

Load of wasters.
Doc C

Lurking123

I understand a Nigerian lawyer is offering to give true ACR debriefs for a small sum of $11 000 000. All he wants is my bank account details. I kindly declined.

Tongue out of cheek, I haven't heard anything from SPVA/JPAC; s'pose I'll give them a call once I've checked my blood pressure.