Over 10,000 customers were potentially affected by serious data incidents overseen by Her Majesty’s Revenue & Customs (HMRC) over the past year, according to their Annual Report & Accounts 2021-22.
The HMRC, which is the government department responsible for tax collection, reported 22 personal data-related incidents to the Information Commissioner’s Office (ICO) over the past 12 months. These incidents potentially affected 10,896 customers.
The number of serious personal data breaches increased from 18 in 2020-21, but affected customers dropped from 18,298.
Improvements have been made, with the HMRC stating it has implemented a Cyber Tactical Remediation Programme, moved a significant number of legacy data centres and implemented a new Security Incident Response Tool.
Cybersecurity expert Achi Lewis, Area VP EMEA for Absolute Software, commented, “Due to the volume of staff that large organisations like HMRC employ, it is inevitable that data incidents are going to occur. What’s crucial is that these organisations mitigate the volume of breaches as protecting customer data is vital.
“Solutions such as Zero-Trust Network Access can help to evaluate all users and their devices each time they connect to a network or application, only granting access if they are trusted. Should a malicious actor breach an application, they will be shut off from the rest of the network. Secure access controls, on top of this, can give IT teams the power to freeze or shut off compromised devices to prevent further breaches from occurring across a network”
Earlier in the year, the HMRC revealed it seized three non-fungible tokens (NFTs) during an investigation into a fraud case worth £1.4m.
Copyright © 2022 FinTech Global
