FUJ00087028 - Email from Gareth Jenkins to Pete Newsome and Bill Membery re: Bracknell Enquiry Clarity from Second Sight


To: Newsome Pete; Membery Bill
Cc: Davidson James
From: Jenkins Gareth GI
Sent: Wed 6/5/2013 9:13:21 AM (UTC)
Subject: RE: Urgent & In Confidence: Bracknell Enquiry Clarity From Second Sight

Pete,

I’ve added in comments to the email trail below. (prefixed [GIJ])

Regards

Gareth

Gareth Jenkins
Distinguished Engineer
Business Applications Architect
Post Office Account


lace Road, Bracknell shire, RG12 8SN


From: Newsome Pete

Sent: 04 June 2013 11:21

To: Jenkins Gareth GI; Membery Bill

Cc: Davidson James

Subject: FW: Urgent & In Confidence: Bracknell Enquiry Clarity From Second Sight
Importance: High

Sensitivity: Confidential

Gareth/Bill
From the discussion yesterday there are 2 things that come to mind:

• This may have been in the test system only as it was in the basement — Can we show there was no access to a live system
[GIJ] The test system and live system should be physically separated. I expect that Bill can provide proof of this via the various
audits and PEN tests. In particular I wouldn’t expect any Testers to have access to Live. The allegations relate to 2008. From
memory, at that time we had some Horizon test systems in the basement and also access to the new HNG-X test systems in
Belfast which were being built. There wouldn’t have been any access to the Live system at Wigan Bootle other than from SSC on
6th Floor, the Security team and possibly the Ref data team — none of whom were in the basement.

• Is the premise in the ops manual correct
[GIJ] Sorry not sure what this is — unless it is expanded on later in the email chain

and could the person in the basement be able to make the change
[GIJ] I don’t see how anybody in the basement in BRAO1 could access Live.

• Would this person be PO or Fujitsu?

[GIJ] At the time we had a joint test team so the testers could be POL, Fujitsu (or a POL contractor or a Fujitsu contractor — both
companies hired many contractors at that time!)
Any other questions we need to answer.
Pete

Pete Newsome
Business Change Manager
Post , Fujitsu UK&l

Web: http://uk. fujitsu. coAT

From: zz pete.newsome!
Sent: 04 June 2013 11:
To: Newsome Pete
Subject: FW: Urgent & In Confidence: Bracknell Enquiry Clarity From Second Sight
Importance: High

Sensitivity: Confidential


Pete Newsome
Business Change Manager
Fujitsu

Liaising with Post Office Ltd

pete.newsomef”


From: Steve Allchorn

Sent: 04 June 2013 10:26

To: Pete Newsome; gareth.jenkins:
Cc: Simon Baker; Lesley J Sewell
Subject: Urgent & In Confidence: Bracknell Enquiry Clarity From Second Sight

Pete/Gareth

I have now received a response from Ian Henderson (Second Sight) clarifying the specific line of enquiry in their current
investigations into the POL Bracknell site.

Ian’s specific questions are listed in his email below. They primarily concentrate on Horizon system data access capabilities and
controls rather than procedures. To provide greater context, also attached is the spot review that outlines the specific allegation.

As a matter of urgency, could you provide a response to each of Ian’s points and feed these back to me asap. I suggest your
responses are clear paragraphed statements rather than a provision of further information via attachments etc.

I will then collate and formally feedback to Ian.

Please also note the potential that a further line of questions may be created from Second Sight’s ongoing review of the
information they have recently received.

Thanks as always for your co-operation.

Steve Allchorn | IT & Change Lead CPMO Manager

2nd Flr, Central Wing, 148 Old Street, LONDON, EC1V 9HQ


From: Ian Henderson [mailto:irh¢
Sent: 03 June 2013 17:36

To: Steve Allchorn

Cc: Simon Baker; 'Ron Warmington’
Subject: RE: Follow up from call
Sensitivity: Confidential

Steve
I’m sorry for the delay in replying. There’s a lot going on at the moment...
I attach a copy of Spot Review 5 which describes the allegations that have been made.

The emails that have been forwarded to you appear to describe matters that may be relevant to the allegation. Please note that we
are primarily interested in finding out the following:

1. What capabilities did the POL Bracknell team have? (As far as TC or Rem Out type transactions or Journal adjustments are
concerned)
[GIJ] Testers wouldn’t have any access to do this on Live. However testers would have the capability of injecting TCs into the Test
systems so as to be able to test their effect on a test counter.
On Live, we should have had an audit of any TCs sent by POL. Any TCs sent to a Branch would be visible in the Branch’s audit. If
there is a specific allegation for a Branch we could probably look for unusual times for TC delivery and even check against the TC
audit. In theory SSC could inject a TC into the Horizon Data Centre (but we then rely on vetting etc).
2. What were the PHYSICAL or LOGICAL controls over their use of the systems available to them?
[GIJ] Probably one for Bill. But in summary testers couldn’t access Live.
3. What audit trail is available to show the extent that they posted TC or Rem Out type transactions, or Journal adjustments?
[GIJ] There would be an audit trail for Live, but not for test systems, so we’re into proving a negative again.
4. Can we rely on the COMPLETENESS of the audit trail? i.e. does it record all transactions or just transactions meeting
certain criteria? Is it protected from user manipulation?
[GIJ] The Branch Audit trail would record any spurious transactions that Support or Ops staff may have generated. So if there is
an allegation of such transactions being generated we could check against the TCs sent by POL. This is practical for a single
Branch of a set period of time, but not more generally.
5. What USER ID was used if TC type transactions or journal adjustments were posted?
[GIJ] TCs injected in the Data Centre (either genuinely or spuriously) would not have an associated user ID.
6. Could the POL Bracknell team log on with either super user or SMPR credentials?
[GIJ] I don’t believe anybody on POL could access any of the Live system other than by logging on in a Branch.
7. How would TC, Rem Out or Journal Adjustment type transactions executed by the POL Bracknell team be seen by SPMR of
Branches affected by those actions?
[GIJ] As above, I don’t think POL had such access. It would only be possible for Fujitsu Support and Ops staff.

There are probably other questions / issues that will arise after you have had a preliminary look at this.

Please note that we’re not really interested in what the procedures manual says about any of this. We need to look at whether it
would be possible for a rogue employee to do what is alleged and what log files would be generated to record that activity. Please
note that I have now been provided with a second batch of employee email and I may find other emails that are potentially
relevant to this matter.

Thank you for your help with this
With best wishes

Ian R Henderson CCE CISA FCA
Advanced Forensics - London, UK

Forensic computing expert witness and electronic disclosure specialist

Website: http:
LinkedIn: http://linkedin.com/in/forensicgod
Twitter: http://twitter.com/forensicgod

CONFIDENTIALITY. This email and any attachments are confidential and may also be privileged. If you
are not the intended recipient, please notify me at irh{” and delete the email and
any attachments.

From: Steve Allchorn [mailto:steve.allchor!
Sent: 30 May 2013 12:43

To: Ian Henderson (irh:
Subject: FW: Follow up from call
Sensitivity: Confidential

Hi Ian
I’ve been forwarded the email stream below however having not been party to prior conversations or spoken to Susan as she is
formally off-work I just need to understand the context of the enquiry as the email pdf’s attached are a collection of individual
instances rather than a clear line.
My perception of what I think you need is;
1) A clear documentation/articulation of the end-to-end Transaction Corrections process, how it is applied and the sign-off
authorities that are in place (e.g. subpostmaster acceptance etc.).

2) An understanding of how the attached email instances relate to that process and authorities.

Let me know if I’m on the right lines or not.

Thanks

Steve Allchorn | IT & Change Lead CPMO Manager

2nd Flr, Central Wing, 148 Old Street, LONDON, EC1V 9HQ


From: Susan Crichton

Sent: 28 May 2013 15:00

To: Steve Allchorn

Cc: Alwen Lyons

Subject: FW: Follow up from call
Sensitivity: Confidential

Steve — copy of some of the emails as extracted by Ian Henderson, please can you forward to FJ as appropriate.
Susan

From: Ian Henderson [mailto:irh;
Sent: 28 May 2013 09:35

To: Susan Crichton; Alwen Lyons
Cc: rwarmingé,
Subject: RE: Follow up from call
Sensitivity: Confidential

Susan

I attach 11 emails from our preliminary review of the Bracknell data. Please note that I only received the second batch of Bracknell
data on Friday and it will take 3 or 4 days to process.

With best wishes

Ian R Henderson CCE CISA FCA
Advanced Forensics - London, UK

Forensic computing expert witness and electronic disclosure specialist

Website: http:

LinkedIn: http://linkedin.com/in/forensicgod
Twitter: http://twitter.com/forensicgod


From: Susan Crichton [mailto:susan.crichtof
Sent: 24 May 2013 17:54

To: ‘ithe
Cc: 'rwarming'
Subject: Re: Follow up from call


Sensitivity: Confidential
Ian - thanks could you also send the details of the relevant emails to help us move forward this work next week.

Thanks
Susan

From: Ian Henderson [mailtozirh¢
Sent: Friday, May 24, 2013 09:35AM
To: Alwen Lyons; Susan Crichton
Cc: 'Ron Warmington’ <rwarminay
Subject: Follow up from call

As requested, please find attached the letter from JA to JFSA received by us on 19 April
also attach the Rudkin Spot Review sent to POL on 10 May
With best wishes

Ian R Henderson CCE CISA FCA
Advanced Forensics - London, UK

Forensic computing expert witness and electronic disclosure specialist

Website: http
LinkedIn: http://linkedin.com/in/forensicgod
Twitter: http://twitter.com/forensicgod


This email and any attachments are confidential and intended for the addressee only. If you are not the named recipient, you must
not use, disclose, reproduce, copy or distribute the contents of this communication. If you have received this in error, please contact
the sender by reply email and then delete this email from your system. Any views or opinions expressed within this email are solely
those of the sender, unless otherwise specifically stated.

POST OFFICE LIMITED is registered in England and Wales no 2154540. Registered Office: 148 OLD STREET, LONDON EC1V
9HQ.
