Unredacted: SOCA’s confidential report on private detectives
Exaro publishes full report after Serious Organised Crime Agency redacted key details
Exaro today publishes a full copy of a report compiled by the UK’s Serious Organised Crime Agency into private investigators.
SOCA last year released a copy of its confidential report, dating from 2008, to the House of Commons home affairs committee. But SOCA redacted key passages.
Exaro has obtained the unredacted version. The full report, which can be downloaded from the link below, identifies two blue-chip companies, British Gas and British Telecom, as victims of private detectives who ‘blagged’ sensitive personal data from them.
BT ensures that user access can be tracked so that any misuse may be detected
A spokesman for British Telecom, which has since been rebranded BT, acknowledged that it had been successfully targeted by blaggers.
Mark Hughes, chief executive of BT Security, a unit in the group, told Lord Justice Leveson’s inquiry into newspaper practices that the telecoms giant was a frequent victim of what he called ‘social engineering’.
He described this as attempts by fraudsters to manipulate staff of an organisation such as BT into disclosing customers’ personal information.
As of February 2012, BT identified 19 cases of social engineering over the previous six years that were “sufficiently serious to have been dealt with by BT Security investigations.”
The spokesman said: “BT takes its responsibility to protect customer data very seriously, and will not tolerate misuse of its systems, or inappropriate, or unauthorised, access. For this reason, BT ensures that user access can be tracked so that any misuse may be detected, and offenders can be dealt with appropriately.”
BT also insists that relevant staff must undertake a training course in data protection every two years, he added.
A spokesman for British Gas said on Friday that it was preparing a statement, but had no comment by the time of publication.
HM Revenue & Customs (HMRC) is also identified in the SOCA report as a source of personal information for blaggers.
An HMRC spokesman said: “We take the protection of customer data extremely seriously, so we constantly review our processes and procedures in light of developments in the e-security world, together with the expert technical and strategic advice that we receive from our advisors and in-house teams. For reasons that you will understand, we cannot go into more detail.”
The SOCA report was compiled under an exercise codenamed, ‘Project Riverside’, and gathered intelligence from five police operations. It was entitled, ‘Private Investigators: The Rogue Element of the Private Investigation Industry and Others Unlawfully Trading in Personal Data’.
A senior serving police officer told Exaro that the SOCA review “was an assessment, to give a proper understanding of the corrupt and improper practices of certain private investigators.”
“It was not a full blown criminal investigation,” the source added, “although one did fall out of it, and people were convicted as a result.”
Click on the link below to see full version of SOCA’s confidential report. Exaro’s report highlights in yellow the passages that were redacted in the version released by SOCA.
If you have information – including any recordings – that might help our investigation, please contact us.
Source documents and file downloads are only available to registered users.
Please register for free to access this resource.
Previous relevant Pieces
To comment on this article, please register.