Revealed: Betting firms were granted access to database of 28 MILLION children and used it to boost number of young gamblers by up to 15% in one of Britain’s biggest ever data breaches
- Access to the database was given to a firm used by the government for training
- According to the government, this firm then let a third party use the database
- This allowed gambling companies access to the details of 28 million children
Betting companies have been given access to a huge database containing the personal details of 28 million children.
The educational index, the Learning Records Service, contains names, ages and addresses of children aged 14 and above in state schools, private schools and colleges in England, Wales and Northern Ireland.
Companies are thought to have used the breach to increase the number of young people who gamble online, despite privacy rules meaning the database should only be used for educational reasons.
According to a report, one gambling firm was able to increase the number of young people passing its identity checks by 15 per cent, just by using the database.
It is believed to be one of the biggest breaches of government data ever and the Department of Education, led by Gavin Williamson, has pledged to investigate and leave ‘no stone unturned’.
The breach is believed to be one of the biggest breaches of government data ever and the Department of Education, led by Gavin Williamson, has pledged to leave ‘no stone unturned’ in its investigation
The government says it allowed an education and training provider to use the database.
This firm then ‘broke the agreement’ and gave access to another company, leading to the gambling firms being able to use it.
The shocking finds were revealed by the Sunday Times and, after being made aware of the breach, the DofE disabled the database.
An investigation found that GB group, one of the leading data companies in the UK, was given access to the Learning Records Service.
It was given access because of the age and identity verification services that it provides to its clients, which include 32Red, Betfair and other gambling companies.
The database gave these gambling firms a fast and cost effective way of verifying the ages of young online customers claiming to be 18 or over.
GB Group wrote on its website: ‘The data is accessible in real time, refreshed nightly and updated in line with annual exam results and other key moments.’
According to a report, one gambling firm was able to increase the number of young people passing its identity checks by 15 per cent, just by using the database
The company also said that it could check dates of birth and addresses against the Learning Records Service, to determine if given identities were genuine.
The Learning Records Service gives a unique number to children and students aged 14 and above and is supposed to help them give proof of their achievements and qualifications.
GB Group is thought to have gained access to the database through Trustopia, a London-based ‘education and training provider’ used by the government.
Trustopia denies this, but a DfE statement said: ‘[The firm] wrongly provided access to this data and broke their agreement with us. This was completely unacceptable and we have immediately stopped the firm’s access and ended our agreement with them. We will be taking the strongest possible action.’
A source close to Williamson said that he ‘was very concerned’ about the data breach.
GB Group said: ‘We can confirm that we use the Learning Records Service dataset via a third party. We take claims of this nature very seriously and, depending on the results of our review, we will take appropriate action.’