BT secrets still publicly available

Secret information taken from British Telecom's main computer is available on the Internet, the computer network accessible by 35m people around the globe.

The Independent reported on Thursday that thousands of secret telephone numbers and addresses, kept on the company's central database, had been leaked. John Major told the Commons on Thursday that having made inquiries, BT was ``satisfied there was no hacking of the system, nor any evidence that confidential information referred to in the [Independent] article has ever been on the Internet''.

But last night, the Independent was able to access on the Internet telephone records of 10 Downing Street, including private direct-line numbers and lines. Anyone on the Internet could potentially gain access to the same electronic documents. A computer security consultant in the presence of senior members of Independent staff connected with the Internet late yesterday. Within seconds, a file was located and opened. It gave details of the Prime Minister's telephones. The material had been ``parked'' on the net on 13 November. It is understood that there are other sites on the Internet at which other secret data can be accessed.

The Prime Minister's information was held on the Internet on the computer of an educational establishment. The electronic mail box in which it was held was owned by a student. It is not known how many other people have already read it, but it is known that the material has been transferred to at least one other site by the student.

The Prime Minister's telephone details constitute one small part of data that was taken off the BT computer. Other documents reveal secret addresses and numbers for MI6, MI5 and other sensitive installations.

BT last night denied misleading Mr Major. A spokesman said: ``We gave the Prime Minister absolutely the correct advice from our investigation based on evidence so far. Of course our people would like to see the information. It is possible that the information could be on the Internet but we have found no evidence of this . . . I want to emphasise again that whether or not it was on the Internet is not the key thing. The crucial thing is that a criminal act has been committed,'' the spokesman said.

BT also confirmed yesterday that it did not know what had been copied from its database. It said: ``It would appear that somebody has taken it off the computer. We do not know what the papers were or what information was called up.'' This admission will fuel widespread concern about the security of the computer.

BT said after the Independent's report appeared that its database, known as CSS, was ``secure and completely robust''. However, it has been confirmed that the company does not vet employees who are given access to the computer. The BT spokesman said that vetting was not required because the secret information held on the computer is not covered by ``national security policy''.

He added: ``There might be things on there that you as a customer would not want people to know and obviously that is why we have legal protection against somebody who breaches that confidentiality.''

The spokesman said that employees given access to the computer were merely asked to prove their identity and provide references. Asked if a foreign spy, with a false identity and references, could obtain access, he said: ``I suppose if you are able to get through any procedure and tell enough lies and not be found out, anything is possible.''

BT has said that it is investigating the security breach. The Cabinet Office, which was reported as co-ordinating an inquiry into the leak, said yesterday that it was waiting for the BT report and had not yet started a formal inquiry.

- Secret BT documents giving details of Downing Street as displayed on the Internet, edited to conceal the identity of both sender and receiver of the message. The top section of the document shows how computers passed a piece of electronic mail across the Internet on 13 November from Compuserve, a US computer service. The accompanying BT data then follows. The document above is a print-out of material displayed on the computer screen when the Independent connected to the Internet at 18.27 yesterday. The document shows the computer adjusting to Internet time (18.25), logging into the location of the document and displaying the same secret BT listing on Downing Street.

(Photograph omitted)

Superhighway secrets, page 15