Latest news with #GovernmentGateway
Daily Mirror
3 days ago
- Business
- Daily Mirror
DWP warning to people making new claim for Universal Credit
You could previously use payslips or P60s to confirm your identity online when applying for Universal Credit - but the DWP removed this option in April this year A major change to how you apply for Universal Credit has been introduced by the Department for Work and Pensions (DWP). When you apply for Universal Credit, you need to prove your identity. You could previously use payslips or P60s to confirm your identity online - but the DWP removed this option in April this year. On the website, it reads: 'Universal Credit no longer uses Government Gateway or Verify for online verification.' You can use any two of the following items to verify your identity online: UK passport Self-assessment returns Credit references or records Get the best deals and tips from Mirror Money You can also verify your identity in person if you have an appointment at your nearest Jobcentre Plus, by bringing in proof of ID and proof of your address. It comes after Universal Credit payments went up by 1.7% this April. Universal Credit is made up of a standard allowance which is based on your age and if you're claiming as a single person, or in a couple. The standard allowance is the basic amount you get before any additional elements you may be entitled to, or any deductions, are taken into account. Here is how much the Universal Credit standard allowance has risen by: Single under 25: from £311.68 a month to £316.98 a month Single 25 or over: from £393.45 a month to £400.14 a month Joint claimants both under 25: from £489.23 a month to £497.55 a month Joint claimants, one or both 25 or over: from £617.60 a month to £628.10 a month You may be subject to deductions if you have savings or if you owe the DWP money. If you work, there is a taper rate which reduces your maximum Universal Credit payment as your earnings increase. The taper rate is 55% which means 55p is deducted from your maximum Universal Credit payment for every £1 you earn. Some people get a "work allowance" which is a set amount you can earn before your Universal Credit is reduced. If you have over £6,000 in money, savings and investments, your benefit will be reduced by £4.35 for every £250 you have between £6,000 and £16,000. Another £4.35 is taken off even if any extra amount you have saved is not quite £250. For example, if you have £6,300 in savings, you won't not face any deductions on the first £6,000, but the other £300 would see your payments deducted by £8.70. These figures apply if you're a single claimant, or claiming as part of a couple. Universal Credit is replacing six older legacy benefits, including Working Tax Credit, Child Tax Credit, Income Support, Income-based Jobseeker's Allowance, Income-related Employment and Support Allowance and Housing Benefit.
Scottish Sun
04-06-2025
- Business
- Scottish Sun
Thousands of HMRC customers have accounts locked down & deleted after ‘organised crime fishing' into tax accounts
TAX THREAT Thousands of HMRC customers have accounts locked down & deleted after 'organised crime fishing' into tax accounts THOUSANDS of taxpayers have had their online accounts locked and login details deleted after 'organised crime fishing' scams targeted HMRC in a £47million fraud sting. Up to 100,000 personal tax accounts were shut down after it detected unauthorised access by criminal gangs in an elaborate bid to extract repayments from the tax authority. Advertisement 2 Thousands of HMRC online personal tax accounts have been locked down Credit: Getty - Contributor 2 Security systems detected unauthorised access to some accounts Credit: Getty Officials told MPs that the threat, which has not been classified as a cyber attack, was carried out over an extended period last year by multiple crime syndicates running phishing campaigns. Angela McDonald, deputy chief executive of HMRC, told the Treasury Committee: 'At the moment, they've managed to extract repayments to the tune of £47 million. Now that is a lot of money and it's very unacceptable.' The tax office said the breach was identified nearly a year ago but it has only now begun informing affected customers by letter. Letters are being sent from today until June 25. Advertisement Anyone hit will need to re-register for online services with new Government Gateway credentials. In a statement, HMRC said: 'We have written to affected customers and taken action to protect these accounts.' 'This was an attempt to claim money from HMRC, not an attempt to take any money from you,' the statement added. The agency said it has locked down affected accounts, deleted login details to prevent future unauthorised access, removed incorrect information from tax records, and checked to ensure no other details were changed. Advertisement More to is your go to destination for the best celebrity news, football news, real-life stories, jaw-dropping pictures and must-see video. For the latest news on this story keep checking back at Sun Online. You can also subscribe to the Sun Money or Sun Savers newsletter. Advertisement Like us on Facebook at and follow us from our main Twitter account at @TheSun.
Yahoo
16-04-2025
- Business
- Yahoo
Government digital ID system ‘put citizens' data at risk'
Millions of people's passports and driving licences were left at risk by cyber security failings in Britain's digital identity scheme, The Telegraph can reveal. Senior civil servants overseeing the 'One Login' system allowed developers full access to the system, some of whom did not have the highest level of security clearance that is usually required, according to documents reviewed by The Telegraph. The access level allowed developers to theoretically build backdoors into the system that could have allowed them to access personal data, though there is no suggestion that this happened in practice. However, concerns about the lack of vetting were raised internally, and security experts said the allegations were serious. Officials face claims that they ignored internal concerns and disciplined those who raised the alarm. Some of the work on the £300m system was also outsourced to Romania, a country identified as one of the 'greatest cyber criminal threats' in the world by researchers. Referred to within Government as the 'digital identity' system, One Login is key to ministers' hopes of modernising the state. First announced in 2021 and backed by more than £300m of taxpayer funding, One Login is designed to smooth access to hundreds of government services, retaining digital documents including an individual's driving licence. One Login processes sensitive personal and biometric data for 3m citizens who can use it to do everything from apply for an Armed Forces Veterans Cards to cancel a lost passport. Millions more citizens are expected to use the service as it expands. It is designed to replace the Government Gateway, an online portal used to collect trillions of pounds of revenue for HMRC and to access all benefits including pensions. Launching the Gov UK Digital Wallet last month, Peter Kyle, the science minister, said the system was 'underpinned by the security and identity verification measures of Gov UK One Login, meaning users can be assured documents can only be accessed by the right person'. However, The Telegraph understands that significant security risks were identified internally about the programme, which is being developed by the Government Digital Service (GDS). In one month alone more than 10,000 critical security vulnerabilities were detected across the One Login system by an Amazon Web Services monitoring tool, according to documents seen by The Telegraph. An internal audit from September 2023 also found that an estimated 39pc of highest-level accesses to the system were made by staff lacking so-called SC level security clearance – which is normally required to work on personal data in a critical government project. Clearance is only granted after a thorough investigation of a candidate's criminal record, credit history and personnel records. Steven Murdoch, professor of security engineering at University College London, said a lack of thorough vetting of developers given so-called 'God mode' access to the system was a serious risk. He said: 'If just one goes rogue then that can be a disaster. It's more serious than if the CEO goes rogue.' Concerns were also raised internally about the outsourcing of work overseas by contractors, including to Romania. Oxford University researchers last year named Romania as amongst the world's 'key cyber crime hotspots' after producing a 'cyber crime index' that ranks countries by their threat level. After the issues were raised with the Cabinet Office, management at the GDS were accused of sidelining the staff member who raised the concern and investigated them. Tom Read, the former GDS chief executive, is alleged to have said a civil servant who raised the alarm was engaged in 'disruptive and non-collegiate whistleblowing about the cyber security posture of our One Login programme', adding that 'these are not values the Cabinet Office aspires to'. Prof Murdoch said: 'This is what happened in the Horizon scandal: a lot of bad things were known but never made it up the hierarchy. 'It's concerning to hear. Bad news doesn't travel up if people would rather not tell the unhappy story that harms their own promotion prospects.' Mr Read has since left the Civil Service and taken up a post in the private sector at Serco, a major UK outsourcing contractor. Serco declined to comment. Lord Lucas, who sits on the Lords' science and technology committee, called for an external review of One Login's security 'to reassure us that there is no possibility of compromise'. He said: 'Oversight of our national IT security needs urgent improvement.' A government spokesman said: 'These concerns are dated and relate to the technology in its infancy, which has moved on considerably in the intervening years. 'As the public rightly expect, protecting the security of government services and the data and privacy of users to keep pace with the changing cyber threat landscape is paramount. 'We are fully compliant with UK data protection and privacy laws – including UK GDPR and the Data Protection Act 2018 – adhere to National Cyber Security Centre advice, and operate a three lines of defence process. 'This ensures data is protected, fraud is deterred and detected, and threats are monitored and responded to.' Broaden your horizons with award-winning British journalism. Try The Telegraph free for 1 month with unlimited access to our award-winning website, exclusive app, money-saving offers and more.
Telegraph
16-04-2025
- Business
- Telegraph
Government digital ID system ‘put citizens' data at risk'
Millions of people's passports and driving licences were left at risk by cyber security failings in Britain's digital identity scheme, The Telegraph can reveal. Senior civil servants overseeing the 'One Login' system allowed developers full access to the system, some of whom did not have the highest level of security clearance that is usually required, according to documents reviewed by The Telegraph. The access level allowed developers to theoretically build backdoors into the system that could have allowed them to access personal data, though there is no suggestion that this happened in practice. However, concerns about the lack of vetting were raised internally, and security experts said the allegations were serious. Officials face claims that they ignored internal concerns and disciplined those who raised the alarm. Some of the work on the £300m system was also outsourced to Romania, a country identified as one of the 'greatest cyber criminal threats' in the world by researchers. Referred to within Government as the 'digital identity' system, One Login is key to ministers' hopes of modernising the state. First announced in 2021 and backed by more than £300m of taxpayer funding, One Login is designed to smooth access to hundreds of government services, retaining digital documents including an individual's driving licence. One Login processes sensitive personal and biometric data for 3m citizens who can use it to do everything from apply for an Armed Forces Veterans Cards to cancel a lost passport. Millions more citizens are expected to use the service as it expands. It is designed to replace the Government Gateway, an online portal used to collect trillions of pounds of revenue for HMRC and to access all benefits including pensions. Launching the Gov UK Digital Wallet last month, Peter Kyle, the science minister, said the system was 'underpinned by the security and identity verification measures of Gov UK One Login, meaning users can be assured documents can only be accessed by the right person'. However, The Telegraph understands that significant security risks were identified internally about the programme, which is being developed by the Government Digital Service (GDS). In one month alone more than 10,000 critical security vulnerabilities were detected across the One Login system by an Amazon Web Services monitoring tool, according to documents seen by The Telegraph. An internal audit from September 2023 also found that an estimated 39pc of highest-level accesses to the system were made by staff lacking so-called SC level security clearance – which is normally required to work on personal data in a critical government project. Clearance is only granted after a thorough investigation of a candidate's criminal record, credit history and personnel records. 'If once goes rogue that can be a disaster' Steven Murdoch, professor of security engineering at University College London, said a lack of thorough vetting of developers given so-called 'God mode' access to the system was a serious risk. He said: 'If just one goes rogue then that can be a disaster. It's more serious than if the CEO goes rogue.' Concerns were also raised internally about the outsourcing of work overseas by contractors, including to Romania. Oxford University researchers last year named Romania as amongst the world's 'key cyber crime hotspots' after producing a 'cyber crime index' that ranks countries by their threat level. After the issues were raised with the Cabinet Office, management at the GDS were accused of sidelining the staff member who raised the concern and investigated them. Tom Read, the former GDS chief executive, is alleged to have said a civil servant who raised the alarm was engaged in 'disruptive and non-collegiate whistleblowing about the cyber security posture of our One Login programme', adding that 'these are not values the Cabinet Office aspires to'. Bad news doesn't travel up Prof Murdoch said: 'This is what happened in the Horizon scandal: a lot of bad things were known but never made it up the hierarchy. 'It's concerning to hear. Bad news doesn't travel up if people would rather not tell the unhappy story that harms their own promotion prospects.' Mr Read has since left the Civil Service and taken up a post in the private sector at Serco, a major UK outsourcing contractor. Serco declined to comment. Lord Lucas, who sits on the Lords' science and technology committee, called for an external review of One Login's security 'to reassure us that there is no possibility of compromise'. He said: 'Oversight of our national IT security needs urgent improvement.' 'Changing cyber landscape' A government spokesman said: 'These concerns are dated and relate to the technology in its infancy, which has moved on considerably in the intervening years. 'As the public rightly expect, protecting the security of government services and the data and privacy of users to keep pace with the changing cyber threat landscape is paramount. 'We are fully compliant with UK data protection and privacy laws – including UK GDPR and the Data Protection Act 2018 – adhere to National Cyber Security Centre advice, and operate a three lines of defence process. 'This ensures data is protected, fraud is deterred and detected, and threats are monitored and responded to.'
Yahoo
10-02-2025
- Business
- Yahoo
How to track down lost bank accounts and pensions
It's the time of year when we're often scratching about for loose change by the end of the month. But while you may have spent ages hunting through pockets and down the back of the sofa for a few quid to pay the window cleaner, or cover the cost of an emergency takeaway, you could have thousands of pounds sitting neglected in a forgotten account. One of the most rewarding places you can start is with pensions, because since it became compulsory for employers to automatically put most people into a pension scheme when they joined the company, it means every time you move jobs, you walk away from one pension and into another one. You could have built up too many pensions to keep track of, especially if you've moved house and had to tell every pension company about the move. It's why there are more than 3 million lost pensions in the UK. If you're struggling to find any paperwork for old accounts, you can use the government's Pension Tracing Service to track them down. Read more: How to negotiate house prices It's worth looking for forgotten savings accounts, current accounts and premium bonds too. This is easier if you can find any old paperwork, but if you can't, there's a single service that will hunt for them all — called My Lost Account. You fill in a form and submit it, and within three months, organisations will get back to you and let you know if there's money with your name on it sitting unclaimed. The one proviso is that if you've had statements from a company to your current address or email, and they think they still know how to get in touch, they won't have marked it as lost, and this service won't find it. So this isn't an alternative to hunting down old paperwork and making an effort to be reunited with your money. If you were born between September 2002 and January 2011 — or you know someone who was — there will be a child trust fund (CTF) sitting somewhere. You may not know you have one, because of the 6.3 million accounts opened, 1.8 million of them were opened by HMRC after the parents didn't pick one. Others have been forgotten along the way. However, they're relatively easy to track down. If you have parental responsibility for a child who qualifies, sign into the Government Gateway. Then you can fill out a form with your child's details, and they'll tell you where the CTF is held. If you qualified for a CTF and you're over 18, you can do this yourself. Once you've been reunited with your CTF, you should consider transferring the money to a Junior ISA. Cash JISAs tend to offer higher interest rates than their equivalent CTFs, while investment JISAs may have wider investment choices and some are available without charges Read more: How to fix gaps in your state pension contributions Once you've tracked down lost bank accounts and pensions and you're reunited with your money, it's well worth doing what you can to make sure you're never parted again. This is far easier if you can close old accounts you don't need, and bring things together. Make sure you don't lose any valuable benefits in the process though. If, for example, you have a final salary pension, then in the vast majority of cases, you shouldn't be moving it anywhere. It's also a good idea to draw up an assets register. This is a list of everything you hold, and where. This is something we tend to associate with getting older, and it makes sense to keep this securely with your will so nothing goes missing after your death. However, it's going to be a handy reminder every time you need it — especially if you move house and need to make sure you've updated all the relevant addresses. Finally, make a date for spring cleaning. That's not just a chance to find all those coins that have rolled under furniture and into the linings of coats, but if you go through your finances once a year, and update your assets register, you can keep track of what you have, and make sure it's working hard for you at the same time. Read more: Five ways to save on the cost of having children How to improve your pension income How to complete on a property before stamp duty deadline in March
