HM Revenue and Customs is investigating 40 separate cases of organised tax credit fraud, most of which used hijacked or false identities.
HMRC admitted last November that personal data stolen from Jobcentre Plus and Network Rail had been used in tax credit fraud, but a letter from John Bourn, National Audit Office comptroller and auditor general, last week revealed investigations into 38 other cases, which could involve £5m in fraud.
The letter followed enquiries by MP Richard Bacon, a member of the Public Accounts Committee. “We do not know the scale of this, but it is bigger than we first thought,” he said.
Bourn said Department for Work and Pensions investigators believe the most likely source of stolen personal data on 13,000 civil servants was an extract from Jobcentre Plus’s payroll sent to another office to be used for staff appraisals.
Peter Sommer, white collar crime expert at the London School of Economics, said the central management and control of data was considerably easier with dumb terminals. “With PCs, people can extract data to do a quick job without necessarily thinking of the consequences for security. For most end-users, security is nothing but a nuisance,” he said.