MPs Criticise HMRC Over £47m Phishing Scandal
MPs voiced strong criticism after HMRC failed to promptly notify Parliament of a £47m phishing attack impacting 100,000 taxpayers, raising concerns about transparency and public trust.
MPs Alarmed by HMRC’s Silence After Massive Phishing Attack
A major data security incident has placed HM Revenue & Customs (HMRC) under intense parliamentary scrutiny. MPs on the Treasury Committee expressed deep concern after learning—during a committee session—of a phishing attack that targeted up to 100,000 taxpayers and involved the theft of at least £47 million.A Missed Notification Raises Alarms
The Treasury Committee only became aware of the large-scale cyberattack on 4 June, discovering the details midway through a hearing. The lack of prior notification from HMRC sparked frustration among MPs tasked with overseeing the UK’s tax authority.Committee Chair Dame Meg Hillier labelled the situation as unacceptable:
“Clarity of communication is important, and I would just stress again your accountability, Mr Marks and HMRC’s, to Parliament and through us to taxpayers is not an optional extra. It is something which should be absolutely fundamental.”
Accountability Demanded from New HMRC CEO
Following the hearing, the Committee sent a strongly worded letter to John Paul-Marks (JP), HMRC’s newly appointed CEO. The letter expressed disappointment that Parliament was informed of the incident through media reports, not directly from HMRC itself.What Happened?
- Attack scale: Affected up to 100,000 taxpayers
- Financial loss: At least £47 million stolen through phishing
- Awareness gap: MPs found out during the hearing, not via official notification
- Response: Committee closed hearing with firm criticism of HMRC’s transparency
- Major HMRC helpline outages
- Criticism over outdated systems
- Legal appeals won by taxpayers over penalties
- Taxpayers are encouraged to monitor their HMRC communications and be vigilant for phishing attempts.
- Businesses and individuals should ensure strong cyber hygiene practices.
- Further updates from HMRC and the Treasury Committee are expected as investigations and oversight continue.
Why This Matters
Effective communication and transparency from tax authorities are vital to maintain public trust and governmental oversight. Large-scale cyberattacks endanger not only financial assets but also the confidence that citizens and businesses place in official systems.Additional Context and Recent Issues
This incident adds to a series of recent complaints about HMRC’s service quality, including system outages, reports of poor customer service, and unauthorised access to online accounts. These disruptions have intensified scrutiny of HMRC’s operational resilience.Other Notable Issues Recently Reported:
Insight from the Treasury Committee
The Committee has emphasised its expectation for full transparency and reliability from those in charge of protecting public money. Hillier’s remarks highlight a broader sentiment:"Your accountability ... to Parliament and through us to taxpayers is not an optional extra. It should be absolutely fundamental."
What’s Next for Taxpayers and the Sector?
Staying informed is essential for anyone affected by evolving digital risks.
If you have concerns or suspect involvement in a phishing scam, contact HMRC support directly and consider consulting with a tax adviser.
| Incident Aspect | Details |
|---|---|
| Affected Taxpayers | Up to 100,000 |
| Funds Stolen | £47 million |
| Initial Disclosure | During Treasury Committee hearing |
| Parliamentary Response | Strong criticism, demand for transparency |
Categories
Find the UK’s leading payroll solutions