Local councils face fraud ‘timebomb’

Councils are failing to protect our card data, experts say.

More than half of local councils are exposing their constituents to the threat of card fraud.

That’s according to the findings of a Freedom of Information Act request from card processing consultancy CPRAS, which discovered that more than half of public authorities are failing to meet security standards.

What councils should be doing

A decade ago a worldwide standard was established for all businesses or organisations that accept payments by card. The Payment Card Industry Data Security Standard (PCI DSS) was designed to help cut card fraud, through tight controls around the storage, transmission and processing of cardholder data.

The PCI DSS consists of 12 requirements, which include installing and maintaining a firewall to protect cardholder data, encrypting sensitive information, using (and updating) anti-virus software and restricting access to that personal data, both digitally and physically. Security systems should also be regularly tested.

Unfortunately more than half of our local councils have admitted they are still not compliant with the standard.

Securely monitor your entire financial life, and get real-time valuations of your net worth. Access Plans for free today

What that means for you

Many of us have used a debit or credit card to pay our local council for something, whether that’s Council Tax, parking fines or tickets for events at your local town hall.

However, as our councils aren’t adequately protecting our details, should they suffer some form of security breach whether from hackers or a rogue member of staff, we could be at risk of card fraud or even identity theft.

Graham Hallewell, owner and CEO of CPRAS, warned that the consequences are potentially catastrophic, as a data breach would not only expose us to cyber theft, but may impede the councils’ ability to function at all.

Card fraud and ID theft are already on the rise, according to Financial Fraud Action UK, as a result of a jump in ‘mail non-receipt fraud’. This is where criminals steal mail from communal postal areas in order to get hold of your personal details. For more read Stolen mail fuelling rise in card fraud.

The Local Government Association didn't respond to our requests for comment.

Securely monitor your entire financial life, and get real-time valuations of your net worth. Access Plans for free today

More on scams:

National Identity Fraud Month: protect your identity from scammers

Protect your home from being stolen

Is this 'Tesco' voucher giveaway a scam?

Claims management firms turn to packaged bank accounts

Scammers cashing in on airline tragedies

Comments


Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © lovemoney.com All rights reserved.

 

loveMONEY.com Financial Services Limited is authorised and regulated by the Financial Conduct Authority (FCA) with Firm Reference Number (FRN): 479153.

loveMONEY.com is a company registered in England & Wales (Company Number: 7406028) with its registered address at First Floor Ridgeland House, 15 Carfax, Horsham, West Sussex, RH12 1DY, United Kingdom. loveMONEY.com Limited operates under the trading name of loveMONEY.com Financial Services Limited. We operate as a credit broker for consumer credit and do not lend directly. Our company maintains relationships with various affiliates and lenders, which we may promote within our editorial content in emails and on featured partner pages through affiliate links. Please note, that we may receive commission payments from some of the product and service providers featured on our website. In line with Consumer Duty regulations, we assess our partners to ensure they offer fair value, are transparent, and cater to the needs of all customers, including vulnerable groups. We continuously review our practices to ensure compliance with these standards. While we make every effort to ensure the accuracy and currency of our editorial content, users should independently verify information with their chosen product or service provider. This can be done by reviewing the product landing page information and the terms and conditions associated with the product. If you are uncertain whether a product is suitable, we strongly recommend seeking advice from a regulated independent financial advisor before applying for the products.