POL00142363 - Email from Dave King (Post Office) to David Gray (Post Office) relating to transaction failing to be written to message store (‘Security Incident’) raised by Wendy Warham (Fujitsu)

Evidence on official site

POL00142363
POL00142363

From: _{dave.m.king___.
Sent: AM (UTC)

To: ™

Subject: Re: Fw: Security Incident

David

This only affects cases where statements have already been given and where it
has been declared that there are no integrity issues with the system (not true

in this case). According to Pete S these have had to be re-issued to say that
there are no reasons to believe any systems malfunction has affected the
evidence to which they relate.

No problems are anticipated.

Thanks
Dave
David X Gray
07/01/2009 20:53
To: Dave M King/e/POSTOFFICE@POSTOFFICE
ce:
Subject: Fw: Security Incident
Dave

why is this in court and witness statements?

Regards

David Gray
IT Strategy and Architecture Manager
Post Office Ltd

The Royal Mail Group plc is registered in England and Wales.
Registered number 4138203. Registered Office at 148 Old Street London EC1V 9HQ.
----- Forwarded by David X Gray/e/POSTOFFICE on 07/01/2009 20:52 ---—-

"Warham Wendy" <Wendy.Warhai
07/01/2009 10:46

Sue I have left you a voicemail as I need to update you on a recent issue that
has occurred & been resolved but does have some short term impacts. In summary
the issue is as follows:

In December 2007 an occurrence was reported in one office where a Stock Unit
roll-over coincided with the End of Day Process running. This led to a
previously unseen database lock where an administrative balancing transaction
failed to be written to the local message store database. This generated a
generic and non-specific software error event which went unnoticed in the
monitoring of Events. A financial imbalance was evident and was subject to
investigation by Fujitsu's Service Support Centre (SSC) and Post Office Limited
(POL). The financial imbalance has been resolved.

A software correction was applied across the estate in early November 2008 to
ensure that any such event generated would be monitored. Testing of that
correction has established that the unmonitored error does not occur elsewhere
in the system.

Impact

We need to work with POL to re-check the ARQ's and re-confirm the data
integrity during the period of May 07 to November 08 — Penny will do this

We need to discuss how we disclose the issue on the witness statements and we
have some words which may be appropriate — Both need to discuss and agree the
words

Identify which witness statement we have supplied and are still awaiting court

to confirm whether or not the data provided was May 07 - Nov 08 to a) ensure
events have been checked and b) to recall and replace witness statements —
POL/Penny

Further Action

Automate the message store alerts on the system so that no manual intervention
is required — A CP has been raised for this work

Education to ensure that this type of incident is raised as a Major Incident in

the security stack so that we can communicate and manage this in accordance
with incident timescales

Apologies that this has been not been communicated earlier but the review of
security incidents should improve this issue.

Wendy Warham
Operations Director
Royal Mail Group Account

Fujitsu Services

Berkshire R'
or Internally

E-mail: Wendy.Warhant_
Web: http://uk.fujitsu.com

Fujitsu Services Limited, Registered in England no 96056, Registered Office 22
Baker Street, London, W1U 3BW

POL00142363
POL00142363