HMRC sacks dozens of staff for snooping on taxpayers and accessing their records without permission
Fifty workers were let go last year for breaking data privacy rules.
Since 2022, a total of 354 employees have been disciplined for data security breaches, with 186 having been fired.
The tax office has admitted that some of those that were dismissed were found to have looked up taxpayers' confidential information.
HMRC holds a huge amount of personal data about taxpayers, including address, salaries and National Insurance numbers.
Staff are banned from looking up sensitive information unless they have a genuine business reason.
Despite that, a number of employees have been caught accessing personal details using HMRC's IT system.
Figures for 2024-25 indicate 96 staff were disciplined for data security breaches, with 50 of those later being dismissed.
The information was revealed to The Telegraph following a Freedom of Information request.
According to HMRC, that represents less than 0.1 percent of its almost 68,000 employees.
The figure is down from the previous year when 138 employees were disciplined and 68 were let go.
Those figures cover all data security breaches and not just employees searching for taxpayers' details.
HMRC using AI to scan social media for tax evasion investigations
These include things like making changes to records without authorisation, losing sensitive documents or not securely disposing of inadequately protected devices.
One employee was sacked in 2023 having sent the data of 100 people to his personal email address.
The employee was visiting a business as part of a compliance check and he emailed himself a PDF file which contained a list of staff members' details, which included their salaries and National Insurance numbers.
The file was later printed off for the meeting using his home computer, according to court documents.
The analytics team, which is responsible for highlighting data breaches, then flagged the incident to his line manager and the employee was dismissed for gross misconduct after an investigation was launched.
The case was taken to an employment tribunal with the former employee claiming he had not been thinking clearly at the time due to anxiety.
The tribunal though threw out his claim for wrongful dismissal.
A HMRC manager who was cited in the tribunal claimed data breaches had been on the rise since the pandemic due to remote working.
The line manager of the claimant wrote an email to staff reminding them never to send personal data outside the tax office's systems.
It said: 'There have been more incidents of this recently as we are working from home a lot more since Covid, but never send anything to your own private email address to print off that contains any personal or business data.'
Former HMRC inspectors said the importance of data security was drilled into employees from their very first day.
Ronnie Pannu, from the advice firm Pannu Tanu told the paper: 'When I was in HMRC, there was always a strong message from above that viewing a taxpayer's records where this was not necessary for a particular purpose was a serious issue which could have serious consequences for the individual concerned.'
John Hood, from the accountancy firm Moore Kingston Smith said: 'Any HMRC employee foolish enough to look up personal information that is not part of their usual responsibilities faces a ticking time bomb as most searches are tracked.
'As an additional security, some parts of the system are restricted so that only specifically authorised personnel can access them, such as the departments dealing with MPs and civil servants'.
All HMRC employees are given mandatory data security training and the government body limits access so workers can only look up customer record if it necessary for their specific role.
The tax office also tracks activity on its systems in order to deter record breaches and deter misuse.
Any employee who breaks the rules is investigated and faces having penalties imposed on them but each incident is dealt with on a case-by-case basis.
Ellen Milner, from the Chartered Institute of Taxation added that taxpayers must be able to trust that the private information they supply will not be leaked or supplied to criminals.
Any serious data breach must be reported to the Information Commissioner's Office.
There were six cases last year of employees changing customer records without permission.
Another two staff lost inadequately protected devices, according to the HMRC's annual report.
The HMRC is currently under mounting pressure to strengthen its data security as online criminal attacks become more sophisticated and it moves towards being a digital-first organisation.
In the past year some 100,000 taxpayers had been affected by phishing attacks.
Criminals used stolen credentials to access their accounts and claim rebates.
There was no financial loss to any individual and a number of arrests have been made.
It cost the taxpayer £47million though.
A spokesperson for HMRC said: 'Instances of improper access are extremely rare, and we take firm action when it does happen, helping prevent a recurrence.
'We take the security of customers' data extremely seriously and we have robust systems to ensure staff only access records when there is a legitimate business need.'
It comes after the HMRC revealed it uses AI to spy on workers' social media posts as part of a tax crackdown.
The tax authority has been using the technology to look at internet posts that might provide evidence of cheating tax bills,
An HMRC spokesperson has insisted the tools are only being used for social media monitoring in criminal investigations and it won't affect the average taxpayer.
They said there are "robust safeguards in place" and it's believed that social media monitoring has been used for a number of years.
But concerns have been raised about whether the technology could be used more widely in future.
HMRC also looks at workers's financial records, spending habits and tax returns to look for evidence of cheating.
2
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Independent
6 minutes ago
- The Independent
Rayner claims Reform will ‘fail women' as she weighs in on online safety row
Nigel Farage and Reform UK risk 'failing a generation of young women' if they scrap online safety laws aimed at preventing revenge porn, Angela Rayner has said. The Deputy Prime Minister demanded Mr Farage explain how his party would keep young women safe when they use the internet, after Reform vowed to repeal the Online Safety Act. Her warning is the latest intervention in a row between senior Labour figures and Mr Farage's party over the Act. Under new rules introduced through the legislation at the end of July, online platforms such as social media sites and search engines must take steps to prevent children from accessing harmful content such as pornography or material that encourages suicide. Reform has vowed to repeal the law and replace it with a different means of protecting children online, though the party has not said how it would do this. Among their criticisms of the Act, Mr Farage and his colleagues have cited freedom of speech concerns and claimed the Act is an example of overreach by the Government. This prompted backlash from Technology Secretary Peter Kyle, who claimed people like Jimmy Savile would use the internet to exploit children if he was still alive, and insisted anyone against the Act – like Mr Farage – was 'on their side'. The Reform leader demanded an apology, but ministers have been trenchant in their defence of the Act. Now, the Deputy Prime Minister has questioned how Mr Farage would seek to prevent the 'devastating crime' of intimate image abuse, also known as 'revenge porn', without the Online Safety Act's protections. Ms Rayner claimed: 'Nigel Farage risks failing a generation of young women with his dangerous and irresponsible plans to scrap online safety laws. 'Scrapping safeguards and having no viable alternative plan in place to halt the floodgates of abuse that could open is an appalling dereliction of duty. It's time for Farage to tell women and girls across Britain how he would keep them safe online.' Under the Online Safety Act, revenge porn is classified among the 'most severe online offences', the Deputy PM added. Citing figures from the charity Refuge, the Labour Party claimed a million young women had been subject to revenge porn: either intimate images being shared, or the threat of this. Some 3.4 million adults in total, both men and women, have been affected, Labour also said. Ministers have previously had to defend the Online Safety Act against accusations from Elon Musk's X social media site that it is threatening free speech. In a post at the start of August titled 'What Happens When Oversight Becomes Overreach', the platform formerly known as Twitter outlined criticism of the act and the 'heavy-handed' UK regulators. The Government countered that it is 'demonstrably false' that the Online Safety Act compromises free speech and said it is not designed to censor political debate. Mr Farage has meanwhile suggested there is a 'tech answer' for protecting children online, but neither he nor the Government have outlined one. He also suggested children are too easily able to avoid new online age verification rules by using VPNs (virtual private networks), which allow them to circumvent the rules by masking their identity and location. When Reform UK was approached for comment, its Westminster councillor Laila Cunningham said: 'Women are more unsafe than ever before thanks to Labour. Starmer has released thousands of criminals back onto the streets early with no regard for women's safety. 'I am calling on Jess Phillips to debate me on women's safety – she ignored the grooming gangs scandal and now she's wilfully deceiving voters on this issue. 'Reform will always prioritise prosecuting abuse but will never let women's safety be hijacked to justify censorship. 'You don't protect women by silencing speech. You protect them by securing borders, enforcing the law, and locking up actual criminals, and that is exactly what a Reform government would do.'
The Independent
6 minutes ago
- The Independent
Rayner claims Farage's Reform will ‘fail women' in online safety act row
Angela Rayner has warned Nigel Farage and Reform UK that their plan to scrap online safety laws could "fail a generation of young women" by removing protections against issues such as revenge porn. The Deputy Prime Minister demanded Mr Farage explain how his party would ensure young women's online safety, given Reform's vow to repeal the Online Safety Act. Her warning is the latest in a series of interventions by senior Labour figures regarding the Act. Under rules introduced in late July, the legislation requires online platforms, including social media and search engines, to prevent children from accessing harmful content like pornography or material encouraging suicide. Reform has vowed to repeal the law and replace it with a different means of protecting children online, though the party has not said how it would do this. Among their criticisms of the Act, Mr Farage and his colleagues have cited freedom of speech concerns and claimed the Act is an example of overreach by the Government. This prompted backlash from Technology Secretary Peter Kyle, who claimed people like Jimmy Savile would use the internet to exploit children if he was still alive, and insisted anyone against the Act – like Mr Farage – was 'on their side'. The Reform leader demanded an apology, but ministers have been trenchant in their defence of the Act. Now, the Deputy Prime Minister has questioned how Mr Farage would seek to prevent the 'devastating crime' of intimate image abuse, also known as 'revenge porn', without the Online Safety Act's protections. Ms Rayner claimed: 'Nigel Farage risks failing a generation of young women with his dangerous and irresponsible plans to scrap online safety laws. 'Scrapping safeguards and having no viable alternative plan in place to halt the floodgates of abuse that could open is an appalling dereliction of duty. It's time for Farage to tell women and girls across Britain how he would keep them safe online.' Under the Online Safety Act, revenge porn is classified among the 'most severe online offences', the Deputy PM added. Citing figures from the charity Refuge, the Labour Party claimed a million young women had been subject to revenge porn: either intimate images being shared, or the threat of this. Some 3.4 million adults in total, both men and women, have been affected, Labour also said. Ministers have previously had to defend the Online Safety Act against accusations from Elon Musk's X social media site that it is threatening free speech. In a post at the start of August titled 'What Happens When Oversight Becomes Overreach', the platform formerly known as Twitter outlined criticism of the act and the 'heavy-handed' UK regulators. The Government countered that it is 'demonstrably false' that the Online Safety Act compromises free speech and said it is not designed to censor political debate. Mr Farage has meanwhile suggested there is a 'tech answer' for protecting children online, but neither he nor the Government have outlined one. He also suggested children are too easily able to avoid new online age verification rules by using VPNs (virtual private networks), which allow them to circumvent the rules by masking their identity and location. When Reform UK was approached for comment, its Westminster councillor Laila Cunningham said: 'Women are more unsafe than ever before thanks to Labour. Starmer has released thousands of criminals back onto the streets early with no regard for women's safety. 'I am calling on Jess Phillips to debate me on women's safety – she ignored the grooming gangs scandal and now she's wilfully deceiving voters on this issue. 'Reform will always prioritise prosecuting abuse but will never let women's safety be hijacked to justify censorship. 'You don't protect women by silencing speech. You protect them by securing borders, enforcing the law, and locking up actual criminals, and that is exactly what a Reform government would do.'
The Sun
7 minutes ago
- The Sun
Tech Secretary Peter Kyle reignites war with Nigel Farage by accusing him of putting women at risk
TECH Secretary Peter Kyle has reignited his war with Nigel Farage by accusing him of putting women at risk. He claims the Reform leader's vow to repeal online safety laws would 'rip up' protections against violent misogyny and revenge porn. 2 Mr Kyle sparked a row last month when he alleged Nigel was 'on the side' of paedos like Jimmy Savile. Furious Mr Farage branded the comments 'disgusting' and demanded an apology. But Labour has launched a fresh assault on Mr Farage as he soars in the polls. Both Deputy PM Angela Rayner and safeguarding minister Jess Phillips are attacking him over women's safety. Writing in today's Sun on Sunday, Mr Kyle says: 'When Nigel Farage boasts that he would scrap the Online Safety Act, he's admitting he's happy to leave the internet as a wild west and put women and girls at risk. 'He'd rip up protections that crack down on revenge porn, violent misogynistic content, and posts encouraging self-harm or suicide. 'He would tear down the defences we've built to hold back dangerous content and that would make the police's job much harder.' Zia Yusuf, head of the party's Department of Government Efficiency, said: 'This law is the biggest assault on freedom of expression in this country in our lifetimes. Since the Act came into force what has been censored? "Footage of a protest in Leeds, comments demanding the end of illegal migration, and even biographies of Richard the Lionheart have been removed from social media. Reform party leader Nigel Farage discusses immigration at Westminster press conference 'If this was really about protecting children from predators, why did this law result in the censorship of a speech in Parliament on the grooming gangs?' Mr Yusuf said Reform would pass a law 'fit for purpose'. It comes after Donald Trump's US administration attacked Britain for 'serious restrictions' on free speech. 2 Strangle porn 'rife for kids' By Sophia Sleigh MORE than half of kids have seen strangling in online porn, a shock poll will show this week. Some 58 per cent of 16 to 21-year-olds said they witnessed it when they were younger. Most had it served up to them on their feeds without looking for it. Stronger protections were introduced by Ofcom in July as part of the Online Safety Act. The Government aims to ban strangling porn through its Crime and Policing Bill. Children's Commissioner Dame Rachel de Souza, who ordered the research, said: 'Pornography is warping children's views of themselves, of each other and of their expectations of sex. 'They are seeing, often by accident, things which are illegal in real life.'
