FUJ00155399
FUJ00155399
920 - AH
_ SE Page 1 of 2
Bpola to BP 41-04 —
From: Thomas Penny —_
Sent: 07 January 2009 10:54 he wall Mose vue Wis aye
To: ‘dave.posnett{ GRO. I Raw £ aduica MAantts,
Ce: Pritchard Howard; Sewell Peter (FELO1) -# OmncAS fou NS.
Subject: FW: Security Incident a
Importance: High Syow wb 1U30 7-19
Attachments: Standard Fujitsu WS V8 Jan 09 .doc He had Ward wit Mao =
Hi Dave Ty nad He ck? fo Re
U9 add ARRAS fo aennor 4
Please find attached note sent by my senior management this morning. We need to discuss urgently.
REgMUES nak . TW Ao busy
: » Wel wnrd lo vwtact correct
Kind regards I Roy Wilson; ie honed A th TR We po
Penny
OVW — alononmalrhus,
l attach a Proposed witness statement amendment.
From: Warham Wendy Lusanssed Wl wih amt g
Sent: 07 January 2009 10:46
ue.lowther!_
Cc: Thomas Penny; Pritchard Howard
Subject: Security Incident _
HAWS Aaja ab ala gam
Sue I have left you a voicemail as I need to update you on a recent issue that has occurred & been resolved
but does have some short term impacts. In summary the issue is as follows:
In December 2007 an occurrence was reported in one office where a Stock Unit roll-over coincided with the
End of Day Process running. This led to a previously unseen database lock where an administrative balancing
transaction failed to be written to the local message store database. This generated a generic and non-
specific software error event which went unnoticed in the monitoring of Events. A financial imbalance was
evident and was subject to investigation by Fujitsu's Service Support Centre (SSC) and Post Office Limited
(POL). The financial imbalance has been resolved.
A software correction was applied across the estate in early November 2008 to ensure that any such event
generated would be monitored. Testing of that correction has established that the unmonitored error does not
occur elsewhere in the system.
Impact
We need to work with POL to re-check the ARQ's and re-confirm the data integrity during the period of May
07 to November 08 — Penny will do this
We need to discuss how we disclose the issue on the witness statements and we have some words which
may be appropriate — Both need to discuss and agree the words
Identify which witness statement we have supplied and are still awaiting court to confirm whether or not the
data provided was May 07 - Nov 08 to a) ensure events have been checked and b) to recall and replace
witness statements — POL/Penny
Further Action
Automate the message store alerts on the system so that no manual intervention is required - A CP has been
raised for this work
Education to ensure that this type of incident is raised as a Major Incident in the security stack so that we can
communicate and manage this in accordance with incident timescales
Apologies that this has been not been communicated earlier but the review of security incidents should
07/01/2009
FUJ00155399
FUJ00155399
Page 2 of 2
as t
improve this issue.
Wendy Warham
Operations Director
Royal Mail Group Account
Fujitsu Services
Fujitsu Services Limited, Registered in England no 96056, Registered Office 22 Baker Street, London,
W1U 3BW
07/01/2009