WBONO0000210
WBON0000210
From: "Matthew.Lentoné.. GRO.
To: Jonathan Gribben <
Hi GRO
Ce: "pete.newsomet
"Legal.Defence¢ GRO
Subject: RE: Roll 2 [WBDUK-AGFID133832914]
Date: Mon, 11 Mar 2019 17:04:19 +0000
Importance: Normal
Inline-Images: image001.png; image004.png; image005.png; image006.png; image007.png
Jonny,
As per my text, it would be helpful to have a call to clarify what you are looking for in relation to Steve’s
statement, paras 29 and 30.
He and his team have confirmed what I said in emails below, that using revised search criteria has resulted in
more than 14 instances now being identified.
The interim results of that revised search were included further down this chain, including the note that to
complete the search will take further work:
0.5 Day to identify KELs which refer to Riposte insert functions that were used by the SSC to correct issues.
2.5 Days to search each matching KEL against Peak and then check each Peak to see if the KEL solution was
applied.
Please would you confirm if you want that work to proceed so that a revised figure might be established
with as much accuracy as the circumstances might allow.
Steve has also confirmed to me this afternoon that the statement at paragraph 30 wasn’t intended to convey
that the 14 occasions referred to were all during the period of Roll’s employment, as some are clearly after
he left.
We confirm that one of the Peaks was returned twice in the original search, so that the figure should in any
case have been 13.
We confirm that the Peaks listed in the footnote do not between them provide examples of all of the six
circumstances noted in 29.1 to 29.6, and additional Peaks were then cited to provide some of the examples.
Thanks
WBD_000080.000001
WBONO0000210
WBON0000210
Matthew Lenton
Post Office Account Document Manager
Business & Application Services
Fujitsu
Lovelace Road, Bracknell, Berkshire, RG12 8SN
From: Jonathan Gribben
Sent: Monday, March
To: Lenton, Matthew
GRO
Hi Steve,
Will you be able to get back to me on this today please?
Kind regards
Jonny
Jonathan Gribben
Managing Associate
Womble Bond Dickinson (UK) LLP
‘Stay informed: sign up to our e-alerts
Join us for Disrupting Disputes 2.0
20 March 2019 at the British Library
Book your place here
womblebonddickinson.com
O®
WBD_000080.000002
WBONO0000210
WBON0000210
WOMBLE
BOND
DICKINSON
From: Jonathan Gribben
Sent: 09 March 2019 20:39
To: 'Matthew.Lentont.
Cc: pete.newsome} emeeen Lucy Bremner; Andrew, Parsons; Dave.Ibbett?
ParkerSP Legal.Defence, GRO !
Subject: RE: Roll 2 [WBDUK-AC.FID123822914]
Thanks Matthew.
Steve — please would you look at this ASAP?
Also, there is a duplicate in the 14 Peaks referred to in your statement — presumably that means we are talking about
13 occasions on which data was injected into the counter and not 13.
Kind regards
Jonny
From: Matthew.Lentong "GRO GRO i
Sent: 09 March 2019 17:37
To: Jonathan Gribben,
Cc: pete.newsome¢
ParkerSP¢ GRO 4; Legal.Defencet, GRO. !
Subject: RE: Roll 2 [WBDUK-AC.FID123822914]
Jonny,
Steve and his team would have to provide the answer to your question, I don’t think I can do so, but the
evidence behind this part of the statement doesn’t seem clear.
I think that in following up your request of 01-Mar-2019 for a similar search to be carried out “to establish (1)
how many times data was injected into the computer server/data centre while Roll was employed by Fujitsu; and (2)
how many of those incidents involved transaction data?” the results have suggested that the number of times data
may have been injected at the counter is greater than 14, and that is as a result of different search criteria
being used. Steve and his colleagues would need to comment on that.
Perhaps paragraph 30 was not intended to state that data was injected on 14 occasions during the time that
Roll was employed, given that some of the Peaks listed in the footnote are recognisably not from the time of
Roll just by their numbers (e.g. those above PC02... cannot be before 2010), but the context given by
following on from para 29 appears to suggest it.
WBD_000080.000003
WBONO0000210
WBON0000210
However, it has already been stated in the email below that the 14 Peaks listed in the statement do not
between them provide examples of each of the six circumstances noted in 29.1 to 29.6, and additional Peaks
were then cited to provide some of the examples.
Matthew Lenton
Post Office Account Document Manager
Business & Application Services
Fujitsu
Lovelace Road, Bracknell, Berkshire, RG12 8SN
Phone: GRO
Web: https:/www.fujtsu.com/global/
From: Jonathan Gribben (7
Sent: Saturday, March $
To: Lenton, Matthew +. £
Andrew Parsons £ . A>; Ibbett, Dave {
Steve ¢ Defence Legal (Chris Jay,)
Subject: RE: Roll 2 [WI [WBDUK-. “AC, FID123822914]
Matthew,
We need to get to the bottom of this ASAP, before the trial begins on Monday morning.
Steve's second statement explains that:
“At my request, my colleague John Simpkins (Senior Consultant), carried out a search of the incident management
system for incidents which required injecting data into the counter, using any one of the following search terms:
“RiposteMessageFile", "RiposteMessage", "LPO Delete", "Marooned", "RiposteObject put". From the results I can
determine that this was only carried out in the following circumstances...".
Does this explain why Steve only refers to 14 Peaks? Were the others not caught by the search?
Kind regards
Jonny
Jonathan Gribben
Managing Associate
WBD_000080.000004
WBONO0000210
WBON0000210
Womble Bond Dickinson (UK) LLP.
‘Stay informed: sign up to our e-alerts
WOMBLE zone
BOND
DICKINSON
From: Matthew.Lenton¢ GRO ![mailto:f_ GRO dt
Sent: 08 March 2019 13:41
To: Jonathan Gribber
Lucy Bremner; Andrew Parsons; Dave.Ibbett!
IK-AC.FID123822914]
From talking to SSC, it seems that this section of Steve’s WS may not be correct, in terms of there being
many more than 14 instances. As examples of the six types, I have added in Peak references in your email
below, those in red are not included in the list of 14 Peaks and so are examples of further instances. It is
estimated that some days more work may be required to establish a more detailed account. I believe this has
come to light from the analysis carried out in response to the question you were chasing this morning, from
your email of the 18t March at 13:37.
I have pasted in the response from SSC below:
I believe that there are MANY more Peaks that updated objects which only mention the associated KEL.
This will require further investigation of all KELs that may have required such actions then inspect each Peak that
mentions that KEL to see if it was used.
how many times data was injected into the counter while Roll was employed by Fujitsu;
Count of
Row Labels Incident
CorrS 30
CorrS & Counter
Counter 46
Grand Total 78
This totals 48
WBD_000080.000005
WBONO0000210
WBON0000210
how many of those incidents involved transaction data (see paragraphs 29 — 30).
Count of
Row Labels Incident
Y i
CorrS
1
Counter i
N 67
CorrS 25
CorrS &
Counter 1
Counter 41
Grand Total 78
This totals 6
how many times data was injected into the computer server/data centre while Roll was employed by Fujitsu;
Count of
Row Labels Incident
CortS 30
CorrS & Counter 2
Counter 46
Grand Total 78
This totals 32 (way too small)
how many of those incidents involved transaction data?
Count of
Row Labels Incident
Y oT
CorrS
comer 1
Counter 5
N 67
CorrS 25
CorrS &
Counter 1
Counter 41
Grand Total 78
This totals 6
WBD_000080.000006
WBONO0000210
WBON0000210
Expected further work, subject to being confirmed as necessary:
0.5 Day to identify KELs which refer to Riposte insert functions that were used by the SSC to correct issues.
2.5 Days to search each matching KEL against Peak and then check each Peak to see if the KEL solution was
applied.
Matthew Lenton
Post Office Account Document Manager
Business & Application Services
Fujitsu
Lovelace Road, Bracknell, Berkshire, RG12 8SN
Web: https:/www.fujtsu.com/global/
From: Jonathan Gribben
Sent: Thursday, March 7. .
To: Lenton, Matthew < GRO b>
Ce: Newsome, Pet >; Lucy Bremner < GRO i
Ibbett, Dave <. \>; Parker,
Subject: #** FRIDAY **** RE: Roll 2 [WBDUK-AC.FID 123822914]
Thanks Matthew. I don't quite follow the response to the third bullet. In Steve's second statement he states that data
was only injected into the counter in the following circumstances:-
fixing a Riposte Index at the counter; [Lenton, Matthew] PC0060114
removing a historic message that was influencing the balancing process on a replaced counter;[Lenton, Matthew]
PC0205753
correcting configuration data after a PinPad change; [Lenton, Matthew] PC0112293
removing redundant configuration items;[Lenton, Matthew] PC0085701
the example given above involving five corrupted bureau transactions; and/Lenton, Matthew] PC0175821
removing historic recovery information.[Lenton, Matthew] PC0249513
The 14 Peaks are said to evidence this, i.e. there should be at least one Peak for each one of the above
circumstances. Is that not the case?
Kind regards
Jonny
WBD_000080.000007
WBONO0000210
WBON0000210
Jonathan Gribben
Managing Associate
Womble Bond Dickinson (UK) LLP
‘Stay informed: sign up to our e-alerts
WOMBLE womblebonddickinson.com
BOND
DICKINSON ¥O
From: Matthew.Lenton¢.......GRO._..! [mailto:! "GRO i
Sent: 07 March 2019 15:34
To: Jonathan Gribber
Cc: pete.n
ParkerSP‘ GRO.
Subject: RE: Roll 2 [WBDUK-AC.FID123822914]
Jonny,
Please see responses below.
Matthew Lenton
Post Office Account Document Manager
Business & Application Services
Fujitsu
Lovelace Road, Bracknell, Berkshire, RG12 8SN
Web: https:/www.fujitsu.comi/global/
From: Jonathan Gribben
Sent: Thursday, March 7, 2019 12:23 PM
To: Lenton, Matthew
Ce: Newsome, Pete
Andrew Parsons.
3; Lucy Bremner dascenoenenanse
Tbbett, Dave 4c enn nnn GRO
Subject: RE: Roll 2 [WBDUK-AC.FID 123822914]
WBD_000080.000008
WBONO0000210
WBON0000210
Matthew,
Just a few further questions:-
we understand that OCRs were used minor support changes that did not required the full approval process that was
needed for OCPs — did OCRs still require Post Office consent?[Lenton, Matthew] No
if a Peak does not refer to an OCP/OCR, does this mean that there was not an OCP/OCR in relation to an incident?
[Lenton, Matthew] Ideally yes, however we cannot be certain as it is a manual action to add or type the
reference, so an OCR/OCP could still have been raised but the reference not added to the Peak.
of the 14 Peaks referred to below, can you tell me which relate to:-
o fixing a Riposte Index at the counter;[Lenton, Matthew] 1 with supplemental fix as below
(PC0060114)
© removing a historic message that was influencing the balancing process on a replaced counter;
and[Lenton, Matthew] None
© removing redundant configuration items.[Lenton, Matthew] 11
(I think one of PC 0060114, 01760799 and 0203896 relates to each of the above).
[Lenton, Matthew] The other type is:
PC0060114: Correction Message insertion. PM aware. No OCR/OCP mentioned
PC0175821: Correction Message insertion. PM aware. OCP21918 & OCR 21847
Thank you in advance.
Jonny
Jonathan Gribben
Managing Associate
Womble Bond Dickinson (UK) LLP.
‘Stay informed: sign up to our e-alerts
WOMBLE womblebonddickinson.com
BOND
DICKINSON ¥0O
From: Jonathan Gribben
Sent: 07 March 2019
To: 'Matthew.Lenton¢.
Cc: pete.newsom:
ParkerSP¢.
Subject: RE: Roll 2 [WBDUK-AC.FID123822914]
J; Lucy Bremner; Andrew Parsons; Dave. Ibbett!
WBD_000080.000009
WBONO0000210
WBON0000210
Matthew,
That's great, thank you. Given that some of the end dates are 2010, are we happy that they all relate to Legacy
Horizon?
Also, in para 28.4 Steve says that he can see from PC0175281 that the transaction insertion had the additional
property “Comment:PC0175821" inserted, but we can't see that anywhere in the peak. Is it in one of the hyperlinks
and, if so, can you send me the document please?
Kind regards
Jonny
From: Matthew.Lenton¢. GRO. i
Sent: 07 March 2019 11:42
To: Jonathan Gribben
Cc: pete.newsomet...
ParkerSPi
Subject:
1; Lucy Bremner; Andrew Parsons; Dave.Ibbett(
2 [WBDUK-AC.FID123822914]
Jonny,
I’ve added in the open and close dates of each of the Peaks in the email below; R Roll was employed 05-
Mar-2001 to 17-Sep-2004, therefore only the first Peak (highlighted) has any overlap with his period of
employment. From what I can understand of that Peak however, it looks like the actual change being
referred to was done on 11-Jan-2001, the rest of the call is about trying to obtain an events report, but in the
end it appears that they give up as the issue has been fixed.
Matthew Lenton
Post Office Account Document Manager
Business & Application Services
Fujitsu
Lovelace Road, Bracknell, Berkshire, RG12 8SN
Web: https:/www.fujitsu.com/global/
From: Jonathan Gribben
Sent: Thursday, March, 7,
To: Lenton, Matthew <.
WBD_000080.000010
WBONO0000210
WBON0000210
Ce: Newsome, Pete >; Ibbett, Dave
>; Lucy Bremner *
oll 2 [WBDUK-AC.FID 123822914]
veut; Andrew
Matthew,
An urgent question has arisen in relation to paragraph 30 of Steve's second statement. In that paragraph Steve states
that transactions were only injected into the counter "in the following circumstances while Mr Roll was employed by
Eujitsu (emphasis added):-
29.1 fixing a Riposte Index at the counter;
29.2 removing a historic message that was influencing the balancing process on a replaced counter;
29.3 correcting configuration data after a PinPad change;
29.4 removing redundant configuration items;
29.5 the example given above involving five corrupted bureau transactions; and
29.6 removing historic recovery information."
This is based on the content of row 6 in the table below, Steve's statement goes on to say that this only happened on
14 occasions and only one of those involved transaction data. The 14 occasions were:
0060114 {POL-0234909}, /Lenton, Matthew] 20-Dec-2000 - 28-Mar-2001
PC0112293 {POL-0283845}, /Lenton, Matthew] 09-Dec-2004 - 14-Dec-2004
PC0112293 {POL-0283845}, /Lenton, Matthew] Duplicate of above
PC0112397 {POL-0283948}, /Lenton, Matthew] 13-Dec-2004 - 13-Dec-2004
PC0112650 {POL-0284204}, /Lenton, Matthew] 17-Dec-2004 - 20-Dec-2004
PC0112659 {POL-0284213}, /Lenton, Matthew] 17-Dec-2004 - 20-Dec-2004
PC0118037 {POL-0289559},/Lenton, Matthew] 24-Mar-2005 - 24-Mar-2005
PC0122806 {POL-0293307}, /Lenton, Matthew] 05-Jul-2005 - 05-Jul-2005
PC0170799 {POL-0341013}, /Lenton, Matthew] 03-Dec-2008 - 05-Dec-2008
PC0175821 {POL-0345994}, /Lenton, Matthew] 19-Feb-2009 - 20-Mar-2009
PC0182141 {POL-0352240}, /Lenton, Matthew] 02-Jun-2009 - 04-Jun-2009
PC0198266 {POL-0368128}, /Lenton, Matthew] 28-Apr-2010 - 16-Jul-2010
PC0201613 {POL-0371420}, [Lenton, Matthew] 15-gu1-2010 - 29-Jul-2010
PC0203896 {POL-0373686}. [Lenton, Matthew] 03-Sep-2010 - 07-Sep-2010
It appears that the 14 occasions actually span the life of Legacy Horizon, rather than the period during which Roll was
employed. Is that right?
Please would you get back to me ASAP?
Kind regards
WBD_000080.000011
WBONO0000210
WBON0000210
Jonny
Jonathan Gribben
Managing Associate
Womble Bond Dickinson (UK) LLP
‘Stay informed: sign up to our e-alerts
WOMBLE womblebonddickinson.com
BOND
DICKINSON ¥0O
From: Matthew.Lentoni.. GRO
Sent: 25 January 2019 13:02
To: Jonathan Gribben
Cc: SHendersont
pete.newsomet,
Parsons
Subject: RE: Roll 2 [WBDUK-AC.FID27032497]
GRO {
3; Lucy Bremner; ParkerSPi_ , Dave. Ibbett( }
Gareth Jenkins < GRO I }, Andrew
Jonny,
Please see below an update which we believe completes the response to action 3 as the remaining 16
incidents referred to yesterday have now been analysed.
Additions in red are additional events not present in the data sent to you on 24-Jan-2019. Changes in text are
shown with strikethrough.
Matthew Lenton
Post Office Account Document Manager
P&PS, Digital Technology Services
Fujitsu
Lovelace Road, Bracknell, Berkshire, RG12 8SN
Web: https:/Awww.fujitsu.com/global/
From: Lenton, Matthew
Sent: 24 January 2019 17:58
To: ‘Jonathan Gribben' <_.
~3'Lucy Bremner'
GRO >; Ibbett, Dave
WBD_000080.000012
WBONO0000210
WBON0000210
>; Newsome, Pete i ‘Gareth Jenkins
GRO. }>; ‘Andrew Parsons’
C.FID27032497]
Jonny,
Please see below, a response is now added for action 3, which we think is mostly complete but will update
further. No other changes to the table.
Matthew Lenton
Post Office Account Document Manager
P&PS, Digital Technology Services
Fujitsu
Lovelace Road, Bracknell, Berkshire, RG12 8SN
Web: https://www.fujitsu.com/global/
From: Lenton, Matthew
Sent: 24 January 2019 13:31
To: ‘Jonathan Gribb GRO I
M Lucy Bremner < }; Parker, Steve
b.Ibbett, Dave 4 GRO >; Newsome, Pete
GEO >; Gareth Jenkins 4 GRO
; Andrew Parsons 4, penne GRO
UK-AC.FID27032497]
Jonny,
Please see below revised table with responses added for actions 6 and 8.
Actions 3 and 9 are still being worked on, but an update is included in those rows.
ction] Paragraph I Action Assigned IFujitsu
of Roll 2 to
Provide a list of events that give rise to a receipts and payments mismatch
WBD_000080.000013
Because of the volume of data here (735 incidents) and the need to
eyeball each one we’re restricted the initial analysis to the 390 calls
opened between 1999 and Jan 2002 (inc.). After this the beat rate
significantly decreased (only 345 in the subsequent 8 years). This is
believed to be due to the version M1 rollout (summer 2001) which
appears to have significantly increased the reliability in this area.
Analysis
Category Calls Residue Comment Event
Orange Prepay 99 291 Jan 2002. Software
Issue Reference data I error
/ software
issue.
Urgent
software fix
applied within
a week.
Newly migrated 61 230 Oct 1999 — Migration
offices (paper to Nov 2001.
PC)
Hot spots July
— Sep 2000,
March 2001.
Migration
figures
accepted
inevitably lead
to R&P issue.
No software
fault.
Erroneous 39 191 April 2001 - Software
settlement of June 2001. error
Transfer Out and
Transfer In Corrected cash
transactions to accounts.
Cash provided to
Post Office
(KEL DRoweS50K) Networks
(PON).
Counter
software fix @
release M1,
which rolled
out from May
2001.
‘Balancing Error: I 14 177 March 2001 — Software
Receipts and July 2001. error
payments do not
match, please Reconciliation
data has been
WBONO0000210
WBON0000210
SSC
[Matthew
\Lenton]
Response
provided
jat left.
Updated
25-Jan-
2019
WBD_000080.000014
investigate. The
error may be
corrected using
Reversal Function.
WARNING:
Continuing may
lead to an
unbalanced Cash
Account"
(KEL
DRowe1625K)
Stock unit being
rolled over twice
before the Cash
Account is rolled.
(KEL
LKiang1222L,
GMaxwelll59r)
Single Counter
Outlet (SCO) was
replaced, without
synchronising the
messagestore.
(KEL
JBallantyneS328R)
169
152
provided to
PON (suspect
this was
corrected cash
accounts).
Counter
software fix @
release M1,
which rolled
out from May
2001.
March 2001 — I Software
May 2001. error
Corrected cash
accounts
provided to
PON.
Counter
software fix @
release M1,
which rolled
out from May
2001.
November Software
2000 — error
November
2001.
Reconciliation
Data provided
to PON.
Mismatch
between
receipts and
payments is
due to a self
originated
message which
overwrote a
transaction on
the counter
messagestore.
MSU noted in
Nov 2001:
This type of R
& P incident is
the only one
we still get
regularly. Is
there anything
that can be/is
being done to
fix it?
WBONO0000210
WBON0000210
WBD_000080.000015
Software fixes. 27
May be relatedto I 29
above KELs, or
other issues.
Reference data. 13
Either rollout
timetable not
followed, resulting
in unavailable
local products such
as OBCS, or
products ending
and stock
remaining.
Duplicate incidents I 34
within the set
being analysed
e.g. branch reports
the same issue
flagged on
Fujitsu’s host cash
account report, or
vice versa
Reconciliation 41
resolved.
May be related to
above KELs, or
other issues.
No fault, not R&P I 11
Peaks, etc
Temp Closed 5
offices
123
110
76
35
Software fix @
release BI2.
April 2000 —
December
2001.
12@Cl4.
10@MI1.
S@ other:
7 @ other.
July 2000 —
December
2001.
OBCS
products will
have become
available, later
than expected.
September
2000 —
December
2001.
August 2000 —
December
2001.
Identified by
data centre
reporting.
Root cause
cannot be
determined
from Peak
Information
provided to
POL to give
correct view of
accounts
September
2000 — January
2002
May 2001 —
January 2002
Software
error
Reference
Data Error
Admin
Ignore
Unknown
Admin
Ingore
POL
Process
WBONO0000210
WBON0000210
WBD_000080.000016
Correct outlet
close process
not followed.
Information
archived (e.g.
Balance
brought
forward) by
system.
Error
Hardware swaps § 6
User 4 6
Unclear 6 0
Fly 2000—
October 200+
May 2000 —
November
2001
August 2000 —
July 2001
A&G for PM
or Trainers,
which
sometimes
wasn’t
followed
(PC0065358).
PM ignoring
on screen
messages
(PC0053164).
One call where
PM accepted
shortage, then
acall was
raised
(PC0067250),
possibly
indicating lack
of
understanding.
Another call
(PC0068191)
reads like lack
of PM
understanding
of the Cash
Account.
July 2000 —
June 2001
Insufficient
evidence to
comment.
Engineering
process
error
Training
Unclear
For 2002, 101 of the 124 calls raised that year were opened in
January. 99 of those were for the Orange Prepay issue. Only 1 call
was opened in February.
WBONO0000210
WBON0000210
WBD_000080.000017
Provide a list of reasons for which transaction data would need to be
injected at the counter.
Issue with Riposte index at counter
Potential financial
impact because the
wrong value or quantity
was being used for a
product
Last historic message stored at counter
was incorrectly being considered as part
of a balancing process
No financial impact. PM
recognised that data
presented was too old.
Config data relating to PinPad needs to
be deleted if PinPad is removed from
counter. AKA PinPad LPO delete.
No financial impact
Old configuration objects local to
counter needed to be removed.
LPO Delete.
No Financial impact
Five corrupted bureau transactions on
Financial impact
Usually same / next day not months. Ref
data for product referenced in AP
recovery removed. Impossible for PM to
complete recovery. Objects deleted. LPO
delete
counter (PC0175821)
Changes approved by
POL
Documented on BIMS
PM left AP recovery for too long. Possible but unlikely
financial impact due to
age of recovery
information.
* LPO=Local Persistent object. Configuration object used by the
Riposte system. By its nature, requires intervention at counter.
Note: Last case (RiposteObject command) still being worked on.
This relates to configuration information (similar to LPO above) and
will not have any financial impact so is for completeness only.
Method
We searched the following databases to try and identify the incidents
for which transaction data has been inserted at the counter:
KEL: Known Error Log
WBONO0000210
WBONO0000210
[Steve /
SSC
ICan this be
jascertained
rom the
jsampling
referred to
below at 9?
[Matthew
[Lenton]
[Response
provided
lat left, 24-
Van-2019.
WBD_000080.000018
OCP: Operational Change Processes OCR / OCP
Peak: Incident management system
System I Search Keywords
KEL RiposteMessageFile
KEL LPO Delete
KEL Marooned
OcP RiposteMessageFile
ocP LPO Delete
ocp Marooned
OcP RiposteObject put
Peak RiposteMessageFileRiposteMessage
Peak LPO Delete
Peak JBallant498J
Peak MYoung5043M
Peak Marooned
Peak RiposteObject put
Did: (1) Belfast team; and (2) privileged users have the ability to inj
transaction data between 2001 and 2004? Do they have that ability now?
Gareth Jenkins: With Horizon Online, there is the Transaction
Correction Tool which can inject transactions and this is controlled by
SSC. It is audited when it runs and we have only used it once in
March 2010. The DBAs in Belfast can in theory do anything to the
BRDB. In practice they will run scripts tested by dev as part of a
systems upgrade if DB changes are required. Any such access is
audited and since 2015 the actual commands run are also audited.
With old Horizon, control was weaker. SSC could inject into
Correspondence Servers and also at the counter.
Belfast team: Belfast had administrative access to the
correspondence servers and had a theoretical ability to inject data
into the messagestores, but don t believe that they had the technical
understanding to do so.
Belfast had no access to counters, UNIX/NT team having no users and
no knowledge of administrative user accounts/passwords.
They would not have injected any data unless it happened to be done
by scripts that they were asked to run and which were provided under
WBONO0000210
WBON0000210
[Matthew
[Lenton]
[Response
provided
lat left, 24-
Van-2019.
WBD_000080.000019
WBONO0000210
Matthew Lenton
Post Office Account Document Manager
P&PS, Digital Technology Services
Fujitsu
Lovelace Road, Bracknell, Berkshire, RG12 8SN
Web: https://www.fujitsu.com/global/
From: Jonathan Gribben [mailt
Sent: 24 January 2019 09:56
To: Lenton, Matthew
WBONO000210
change control. Direct manipulation of the messagestore wasn t
something that they knew how to do and would not have attempted to
do lest it break the running applications which harvested/inserted
data. Their understanding of the actual messages was very low/non-
existent so would have had no confidence in making any insertion.
9 I 21 Review a sample of OCPs to give an indication as to how frequently [Steve /
transaction data was injected. ISSC —
relates to 6
[Matthew Lenton] This is proving difficult to provide. The original jabove?
plan was to examine sample months of change control data and
produce rough figures. As Pete Newsome already discussed with you, Matthew
this lead to it becoming apparent that support did not use formal Lenton]
change control in the earlier years for BAU support actions. We relied \Update at
on the audit trail within the incidents (Peaks) to document support eft.
actions. We had auditability of the work done but no change control
entries. We assume that the reasoning behind this was to allow
implementation of support actions ASAP, and the audit trail being
good enough where there was no financial impact.
Therefore we are still looking at how / if we can provide an accurate
answer to this question for the earlier years.
GRO_______4>; Andrew Parsons <_
Subject: RE: Roll 2 [WBDUK-AC.FID27032497]
Importance: High
WBD_000080.000020
WBONO0000210
WBON0000210
Matthew,
Please would you provide an update in relation to the below this morning?
Kind regards
Jonny
Jonathan Gribben
Managing Associate
Womble Bond Dickinson (UK) LLP
Stay informed: sign up to our e-alerts
WOMBLE “ee
BOND
DICKINSON
From: Matthew.Lentor____ GRO. i [mailto
Sent: 22 January 2019 15:46
To: Jonathan Gribben.
Cec: SHendersor GRO; Lucy Bremner; ParkerSP}
pete.newsomet, Gareth Jenkins
Subject: RE: \C.FID27032497:
Jonny,
I’ve numbered the actions I — 11 below, and added the responses so far to actions I and 11 in the Actions
column, and some notes on progress etc. to the Fujitsu column.
Matthew Lenton
Post Office Account Document Manager
P&PS, Digital Technology Services
Fujitsu
Lovelace Road, Bracknell, Berkshire, RG12 8SN
WBD_000080.000021
WBONO0000210
WBONO000210
From: Jonathan Gribben [mailt
Sent: 21 January 2019 17:39 ett
; Ibbett, Dave < GRO >; Newsome, Pete
i Lenton, Matthew < GRO. } Gareth Jenkins
H GRO y
Ce: Simon Henderson } . GRO >; Lucy Bremner
Subject: RE: Roll 2 [WBDUK-AC.FID27032497]
Dear all,
Privileged & Confidential
Thank you for your time earlier. Here's a list of the actions that I captured from today's calls. Please let me know if
there's anything you'd like to add or change:-
\ActionI Paragraph I Action Assigned [Fujitsu
of Roll 2 to
1 8 Keyword search for incidents containing the words I Fujitsu ISteve / SSC
"laptop" and/or "luggable" and/or "outreach" etc.
[Matthew Lenton]
The Peaks referenced below Details of Peaks
provided at left.
PCO0100174 March Ist 2004 to Sth March
2004
FAD317309 reporting: Horizon Kit rebooting
itself for no apparent reason.
Helpdesk user: "Over the past 2-3 weeks
engineers have been to site and have replaced
2xBU's and 2xPSU's but the problem
persists."
BU = base units = PC itself. PSU = Power
supply units within the base units
RR "Evidence (from event logs) shows that
the power is being switched off every morning
shortly (ie 5 or 6 minutes) before the PM logs
ont
RR: "After carrying out tests on our rigs, I
have been able to duplicate the problem here
on ONE of our rigs but not on others. It
seems that the Screen Power Button is
incorrectly connected to the motherboard."
RR: "We have now identified two instances of
this, one in live. This is a hardware build
quality issue."
WBD_000080.000022
This was followed by:
PCO0100899 18th March 2004 to 24th March
2004.
Hardware returned from site to Bracknell for
examination,
RR: "Tests carried out on screen power
switch - working correctly, no further action
required."
Your questions 2d,e,f,g
d) Is his example true, or could it have been
true: Yes. Can find no data on the origin for the
statement: "This is a hardware build quality
issue". Could be a discussion with engineering
which was not recorded on the incident progress.
Information we have only describes the hardware
issue being seen internally to FJ on one instance
of test rig hardware. No hardware error proved
on the site.
If so, how often did that sort of problem occur:
Very rare. Only one other found using keywords
"standby", "laptop", "luggable". PCO0S5550 which
was a problem on prototype hardware going into
standby mode.
What would have caused it: Inconclusive. No
information on root cause of issue reported by
the Post Master onsite. Could be a hardware
problem, could be user miss-operation of
hardware.
Could it have affected/did it affect branch
accounts: No. Once powered on the unit would
function as normal.
If so, might its effect on branch accounts never
have been detected with the result that some
SPMs might have been wrongly held liable for
false deficits: No
e) Would Rolls have disassembled laptops and
done the other things he describes in para 8:
Have to assume he did as per the incident
updates. I expect he had some assistance
(especially with kit on test rigs - different team
totally) but unable to substantiate.
Would he have had/did he have the
conversation with his manager he describes in
para 8: Just can’t answer this. My analysis of the
issue would suggest that it turned out to be
unimportant because there was no proof that this
ever happened in the live estate and that his
comment of "This is a hardware build quality
issue" is simply conjecture. However, he may
have discussed with engineering and truly
discovered a batch of faulty hardware. I would
WBONO0000210
WBON0000210
WBD_000080.000023
WBONO0000210
WBON0000210
have expected an update in the incident reading
"Discussed with xxxxxxxx in engineering and we
determined that........ Bad batch...... etc" No such
updates are present.
f) Was the problem referred to in para kept
secret, as claimed at the end of para 8: No
evidence either way. I would not expect that to
be the case. It is not in Fujitsu's interest to have
faulty equipment that is not corrected damaging
reputation.
g) Would Fujitsu management have known/did it
know about this problem? Would/did Post
Office? If not, why not: No way of knowing.
Information no longer exists
2 8 Check what the experts and witnesses say about WBD
KEL psteed2847n.
3 9 Provide a list of events that give rise to a receipts Fujitsu ISteve / SSC
and payments mismatch.
Examples only, or all
scenarios that caused
hem in reality?
(Matthew Lenton] May
take rest of this week orI
ore. Requires eyeball
searching.
4 12 Did Post Office review TC volumes in order to WBD to pick
identify potential software issues. up with POL
5 16 Review the contract between POL and Fujitsu and WBD
summarise SLAs/penalties.
6 I 20 Provide a list of reasons for which transaction data I Fujitsu Steve / SSC
would need to be injected at the counter.
[Can this be ascertained
irom the sampling referred)
fo below at 21?
(Matthew Lenton] SSC
forming a query to find
this from OCP data,
lalso determining when
transaction would be
injected at the counter.
7 20 Review Peak reference 107043 (example of WBD
transaction being injected into counter).
8 I 21 Did: (1) Belfast team; and (2) privileged users have I Fujitsu IGareth: answer 1 and 2
the ability to inject transaction data between 2001 jand perhaps explain again
and 2004? Do they have that ability now? difference between old
fand new?
9 21 Review a sample of OCPs to give an indication as Fujitsu [Steve / SSC — relates to
to how frequently transaction data was injected. 120 above?
[Matthew Lenton] See
action 6 above
10 I 22 Search for documents relating to the controls WBD
around transaction data being injected
(DE/HLD/002 is an example).
WBD_000080.000024
11 I General
Provide details of Fujitsu's document storage
practices and retention policies. Are emails, word
documents etc. from 2001 — 2004 available?
[Matthew Lenton] Emails cannot be retrieved
Srom the accounts of former Fujitsu
employees from that period, and back ups are
not held for that period of time. The only
records of such a person’s emails would be if.
they are part of a current employee’s email
account or pst archive, in which case it would
be only the subset of their emails that were to
or from the other user. Similarly, for other
documentation that was held locally be
individual employees on their laptops, that
would have been deleted when the user left.
As we have already seen, some limited
information from this period does exist, stored
in Dimensions and other networked
repositories, some of which we have already
provided in connection with this case.
Fujitsu
WBONO0000210
WBONO000210
[Matthew
(Matthew Lenton] See
janswer at left
We are aiming to get a draft response to Roll 2 into circulation by early tomorrow afternoon.
Kind regards
Jonny
Jonathan Gribben
Managing Associate
Womble Bond Dickinson (UK) LLP.
‘Stay informed: sign up to our e-alerts
WOMBLE
ND
DICKINSON
From: Jonathan Gribben
To: 'ParkerSPt.
GRO} Dave.Ibbetti "~~
womblebonddickinson.com
yO
Matthew.Lenton¢,
Cc: Simon Hender
Subject: Roll 2 [WBDUK-AC.F1D27032497]
Gareth Jenkins ¢
] Lucy Bremner
Privileged & Confidenti
WBD_000080.000025
WBONO0000210
WBONO000210
To discuss
Jonny
Please consider the environment! Do you need to print this email?
The information in this e-mail and any attachments is confidential and may be privileged and protected by law. matthewJlentor,_, only is authorised to
fy jonatha soon as pi
d may be unlawful, Information about how
copies. ¢, dissemination, distribution, publ munication or at
‘we use personal data is in our Privacy Policy. on our website
Any files attached to this e-mail will have been checked by us with virus detection software before transmission. Womble Bond Dickinson (UK) LLP accepts no liability for
Content ofthis email which does not relate to the official business of Womble Bond Dickinson (UK) LLP, is neither given nor endorsed by it
This email is sent by Womble Bond Dickinson (UK) LLP which Our registered
office is 4 More London Riverside, London, SEI 2AU, where ofthe LLP, or an
employee or consultant who is of equivalent standing. Our VAT r
Womble Bond Dickinson (UK) LL
services in the US, the UK, and els
member of Womble
round the world, Each Womble Bond
nor can bind or ob other Womble Bond Dickinson entity. Womble Bond Dic!
www.womblebonddickinson.com/legal notices for further details.
Womble Bond Dickinson (UK) LLP is authorised and regulated by the Solicitors Regulation Authority.
Unless otherwise stated, this email has been sent from Fujitsu Services Limited (registered in England No
96056); Fujitsu EMEA PLC (registered in England No 2216100) both with registered offices at: 22 Baker
Street, London W1U 3BW; PFU (EMEA) Limited, (registered in England No 1578652) and Fujitsu
Laboratories of Europe Limited (registered in England No. 4153469) both with registered offices at: Hayes
Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE.
This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and
may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it
is virus-free.
Unless otherwise stated, this email has been sent from Fujitsu Services Limited (registered in England No
96056); Fujitsu EMEA PLC (registered in England No 2216100) both with registered offices at: 22 Baker
Street, London W1U 3BW; PFU (EMEA) Limited, (registered in England No 1578652) and Fujitsu
Laboratories of Europe Limited (registered in England No. 4153469) both with registered offices at: Hayes
Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE.
This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and
may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it
is virus-free.
Unless otherwise stated, this email has been sent from Fujitsu Services Limited (registered in England No
96056); Fujitsu EMEA PLC (registered in England No 2216100) both with registered offices at: 22 Baker
Street, London W1U 3BW; PFU (EMEA) Limited, (registered in England No 1578652) and Fujitsu
Laboratories of Europe Limited (registered in England No. 4153469) both with registered offices at: Hayes
Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE.
This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and
may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it
is virus-free.
Unless otherwise stated, this email has been sent from Fujitsu Services Limited (registered in England No
96056); Fujitsu EMEA PLC (registered in England No 2216100) both with registered offices at: 22 Baker
Street, London W1U 3BW; PFU (EMEA) Limited, (registered in England No 1578652) and Fujitsu
Laboratories of Europe Limited (registered in England No. 4153469) both with registered offices at: Hayes
WBD_000080.000026
WBONO0000210
WBON0000210
Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE.
This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and
may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it
is virus-free.
Unless otherwise stated, this email has been sent from Fujitsu Services Limited (registered in England No
96056); Fujitsu EMEA PLC (registered in England No 2216100) both with registered offices at: 22 Baker
Street, London W1U 3BW; PFU (EMEA) Limited, (registered in England No 1578652) and Fujitsu
Laboratories of Europe Limited (registered in England No. 4153469) both with registered offices at: Hayes
Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE.
This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and
may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it
is virus-free.
Unless otherwise stated, this email has been sent from Fujitsu Services Limited (registered in England No
96056); Fujitsu EMEA PLC (registered in England No 2216100) both with registered offices at: 22 Baker
Street, London W1U 3BW; PFU (EMEA) Limited, (registered in England No 1578652) and Fujitsu
Laboratories of Europe Limited (registered in England No. 4153469) both with registered offices at: Hayes
Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE.
This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and
may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it
is virus-free.
Unless otherwise stated, this email has been sent from Fujitsu Services Limited (registered in England No
96056); Fujitsu EMEA PLC (registered in England No 2216100) both with registered offices at: 22 Baker
Street, London W1U 3BW; PFU (EMEA) Limited, (registered in England No 1578652) and Fujitsu
Laboratories of Europe Limited (registered in England No. 4153469) both with registered offices at: Hayes
Park Central, Hayes End Road, Hayes, Middlesex, UB4 8FE.
This email is only for the use of its intended recipient. Its contents are subject to a duty of confidence and
may be privileged. Fujitsu does not guarantee that this email has not been intercepted and amended or that it
is virus-free.
WBD_000080.000027