Security fears as taxman loses laptops, mobiles and tablet computers worth hundreds of thousands of pounds.
Her Majesty’s Revenue & Customs (HMRC) has reported 1,491 electronic devices lost or stolen over the past five years, according to official figures.
The data, retrieved via the Freedom of Information Act (FOI) and analysed by the Parliament Street think tank, observed the number of mobile phones, laptops and tablets lost or stolen over the past five years, each year from April 2017 to December 2021.
HMRC reported a total of 1,491 devices lost or stolen during the period, with the largest loss, 431 devices, occurring between April 2019 and March 2020 as the Covid-19 pandemic forced a shift to remote working.
Mobile phones accounted for 881 of missing devices and tablets made up 570 devices, whilst there were 40 missing laptops during the reporting period.
In total, 1,183 devices were recorded as being lost, whilst 308 devices were listed as stolen. All HMRC standard issue devices are encrypted to HMG standards and are remotely deactivates once they have been reported lost or stolen.
HMRC staff are required to report all lost or stolen IT devices as security incidents, with each incident being subsequently investigated.
Between April and December 2021, 340 devices were reported as lost or stolen, a large increase from the 170 in the previous year.
HMRC have attributed the recent increase was the result of “a bulk IT kit refresh” during lockdown and the “items were lost by external couriers in transit rather than HMRC staff.”
Technology expert Neil Parker, general manager EMEA, Laiye said, “Juggling a large remote workforce alongside managing complex services such as furlough was no easy task, so delays and device losses will inevitably occur. Organisations like HMRC did a fantastic job in incredibly difficult circumstances, but much more needs to be done to modernise and improve operations as we move beyond Covid. Key to this effort must be harnessing the power of artificial intelligence alongside automating key processes to free up staff to concentrate on improving customer services and reducing backlogs.”
Edward Blake, Area Vice President EMEA, Absolute Software, added, “Managing and maintaining an entire network of endpoint devices across a large organisation such as HMRC is no easy task, and one which has been made all the more difficult by the introduction of remote working, which has seen staffers take laptops home, and bring personal, unprotected devices into the mix.
“This is why it is essential that organisations have a permanent digital tether to each endpoint within their network, giving a central user visibility and control over each device so that it can be remotely locked or even wiped should it be compromised by a malicious actor. Sophisticated endpoint security that is equipped with self-healing capabilities will also prove itself to be invaluable, as it ensures all network weak points are immediately and autonomously flagged and solved before they can be manipulated by an opportunistic hacker.”
