Revenue bug could strike again

The security flaw that led the Inland Revenue to withdraw its online tax filing site last month could affect other areas of the government's web presence.

The bug that led to taxpayers details being revealed on the Revenue site has been fixed, but a spokesman told Computing that other departments using the Government Gateway authentication portal may also be exposed.

'We are in discussion with other government offices where we believe it could affect them, although it would not affect many,' he said.

The exact cause of the problem is unclear. The Revenue blames a configuration problem with an unnamed internet service provider.

'The way in which the "session cookie" identifying the user was managed meant that it could, in certain rare circumstances, be presented to another user,' said a statement last week.

Eenvoy Andrew Pinder told a Public Accounts Committee last month that an obscure 'technical standard' had been the culprit.