The loss of data on two discs containing the personal details of 25-million people was the result of systemic failure according to a review of the information security at HM Revenue and Customs.
The 100-page report carried out by Kieran Poynter, chairman and senior partner at PricewaterhouseCoopers, was presented to parliament today.
It revealed that the data loss was avoidable and was the result of failings within HMRC and said that the procedures regarding data within the government department needs to change.
Chancellor Alistair Darling told parliament the culture needs to change in line with changing technology and that it is absolutely clear that people understand the importance of protecting the information they handle.
He said the methods of handling data have changed with higher volumes transferred at the push of a button, but that the procedures have not changed at the same pace.
"There is a problem that people have not woken up to the fact that processes used when everything was stored on paper are not appropriate," said Darling.
According to the report the failings were caused by weakness in specific information security policies which were too complicated and difficult for staff to navigate, inadequate awareness, communication and training on data security and a lack of clarity around the governance and accountability for data protection.
Vince Cable, deputy leader of the Liberal Democrats, said blaming the culture at HMRC for the data loss meant "everybody was to blame but nobody was responsible".