Data breaches’ handling policies/stance of GLA were not followed when I was there. Here they are in their own words:

Meanwhile in the news:

Also this past weekend:

Summary: This past weekend Greater London Authority’s managers came under fire for mishandling of data (this went on for months!) and it wasn’t even the first time; usually they keep quiet about such things and hope nobody will notice while IT people — including Sirius ‘Open Source’ — are retroactively ‘fixing’ these issues

Summary: Data security and system security at Greater London Authority’s Web site haven’t been good; today we share just a couple of examples which help refute statements issued by Greater London Authority after a scandal that had made it to the mainstream media

Y! It really takes a liar to progress to management. The better the liar, the higher up the role.

As I mentioned the other day, there’s somewhat of a blunder since Friday when the news broke:

The following conspicuous statement is worth assessing, as I was working on the sites (various aspects, some microsites too) for 9 years.

You would expect them to say that, wouldn’t you?

As I said on Saturday morning, this has deja vu written all over it.

to give one example (there are more):

It wasn’t Sirius stuff (and certainly wasn’t me) who configured those terribly buggy forms.

As lying bosses at Sirius might say, “it doesn’t look good…”

It’s not the fault of Sirius either, at least not in this case.

The worst part of it is, as far as I’m aware GLA never publicly reported or disclosed this incident (sometimes this is legally required upon discovery or within a number of days, including informing those potentially affected, like people with their identity cards uploaded and widely available to the general public).

This isn’t the only such example.

2 years later even malicious scripts/programs could be uploaded. It was only detected after it had happened. Here are some fragments of old messages:

This is a penalty for not scanning/sanitising uploads/input.

Why am I publishing these (redacted sensibly)? Because lying is wrong and privacy problems are the problem, speaking about them is not the problem. It is the moral thing to do — to point out it is a repeat offender so to speak. There is an obligation here to debunk false assurances, as this has gone on for years already.

Summary: The London Municipality, also known as Greater London Authority (GLA), turns its back on people who worked on its computer systems for nearly a decade; it’s not convenient to deal with victims of a crime, especially when the crime was committed on GLA’s watch while GLA was sponsoring the perpetrators of the crime

THE series about crimes of Sirius ‘Open Source’ is far from over. What we have here a formerly OK company that even funded the Free Software Foundation (FSF) for a couple of years turning into a criminal organisation, taking bribes in secret from Bill Gates (under an NDA) while besieging and bullying its own staff. This must be treated as a criminal matter, not a civil matter. Arrests should be made as soon as possible.

But what happens when the perpetrators of the crimes are connected to the British government, not just local authorities but also Home Office? Then it gets a little… “tricky”… or “complicated” for them to handle. It’s almost like they’re asked to investigate themselves and hold themselves accountable.

As a recap, so far I’ve contacted:

1. Greater Manchester Police (repeatedly insisting I defer to Action Fraud after nearly 40 minutes on the phone)
2. Action Fraud (4 weeks, no action)
3. My MP contacting Action Fraud (4 weeks, no response)
4. GLA (London Municipality), whose computer systemd I’ve worked on since 2013
5. ECVCU Victim Contact/City of London Police
6. The equivalent of the ombudsman next

It should be strongly emphasised that:

1. I’m not the only victim. Men and women I worked with are also victims.
2. None of the steps above resulted in any real progress, except proving that this whole “law enforcement” system is trash
3. The perpetrators of the pension fraud crime (other crimes aside) got in touch with me personally and did not deny committing the crime

About 5 days ago I sent the following message to GLA, especially senior people there (they know me in person):

City of London Police Does Not Protect GLA Staff Victimised by the Employer

Two weeks ago I wrote to you regarding Action Fraud not taking action and not even replying to my MP upon escalation. After I sent the E-mail to GLA all of a sudden I received a mostly template-like message from the City of London Police E-mail system (ECVCU Victim Contact) and the Sirius Director who was in charge at the time contacted me not denying the abuses but basically trying to discourage me from pursuing criminal enforcement. I assume City of London Police messaged me because you had asked them to. Maybe they even contacted the above-mentioned Director because she contacted me at 2AM.

I responded to the police twice, but they are not even replying (not responding to my second message for 7 days as of this morning) — that’s basically consistent with my prior experiences. Nobody from GLA bothered to even reply to me, despite me working for GLA for many years while my employer (your contractor) defrauded my colleagues and I. There are many victims here, not one. I am therefore going to escalate this higher than GLA (Sirius worked for government departments above GLA) and perhaps the media too.

It does not look good that GLA does not take crime seriously, even crimes committed against its own people, despite GLA being in charge of the police (Sirius is based in London [1,2]).

_____________
[1] https://find-and-update.company-information.service.gov.uk/company/11014042
[2] https://find-and-update.company-information.service.gov.uk/company/03633198

These messages were definitely received, as there were even auto-responders:

Not only did they never respond. No real action has been taken to remediate things. GLA is swimming in money, it exploits people who do technical work overnight at 13-14 pounds per hour, and when it turns out those people were defrauded GLA just looks the other way. This won’t end well. We’re escalating this further and former colleague speak of legal action. Seeing how GLA and the police handled this, they’re even worse than the pension firms.

Video download link | md5sum ff10727ca3703e6abd1ccf2a43f85a9e
Managers of Police Budget Fail Miserably
Creative Commons Attribution-No Derivative Works 4.0

Summary: It increasingly looks like an elaborate festival of gaslighting if not cover-up; people whom I worked for (or with) for many years don’t want to talk about crimes committed against my colleague and I; police never went any further than sending template-like E-mails which say nothing at all and cops treat my Member of Parliament like she does not even exist to them — a blatant case of chronic contempt

HIS early morning (at around 3AM) marked one week since I last contacted London about the crimes of Sirius ‘Open Source’. Much as I expected all along, there was no reply, not even an acknowledgement that they were handling my E-mails (nothing bounced, those were successfully received at their end).

What does that tell us about British police or about police in general?

What can one conclude about crimes committed by government contractors, which are in turn protected by the government? What if the crimes are committed against the staff? Should that even matter?

If the system of law enforcement has become a system of selective enforcement (wherein selections are done by those in power), then it’s not a functioning system of Law and Order or the Rule of Law. It’s a dictatorship of monarchs widely disguised and sold to the public — even to the whole world — as a democracy. The video above also discusses past engagements with the police. They were never helpful, only polite (to a point).

This saga is far from over. We’ve already escalated the matter today at noon.

Real function? Saving face? Response to bad press? Reaction to betrayed victims?

Summary: The very serious crimes committed by Sirius ‘Open Source’ while I worked there (I didn’t know until this year) are leaving many people in the British government red-faced and the police (at several levels already) is trying to sweep the whole thing under a rug

The pension fraud at Sirius ‘Open Source’ might only be the edge of a very large iceberg. What do managers know? Some contact us with a tone resembling “begging”. If they were not being properly audited due to scale-related exemptions, what other financial crimes were also being committed? Only managers from that time may know the full extent of the fraud, wage theft, etc.

Readers may wonder why we haven’t covered this topic for a week. We just needed to give police as much as a week to reply and since there’s no progress, we’re now escalating further (higher). For those who missed what we covered last month, our regime tried to pretend that pension fraud committed by itself (via a contractor) is like falling for some Nigerian scammer online and victims can be brushed off with some “advice” rather than law enforcement. As if having a chat over the telephone would do; babytalk rather than imprisoning those responsible, i.e. those who were paid by our own regime. We call that “arse-covering” here; they know they’re culpable, so they’re just trying to tire down the complainants.

So later on, maybe later this week, I will report to the Independent Police Complaints Commission (IPCC) or Independent Office for Police Conduct (IOPC); not that they will fix it, I don’t expect the cover-up to stop at the police, but it’ll make a point. It’s all very Kafkaesque. What started as outright fraud at Sirius, a small government contractor, is now a scandal implicating the whole British system. It’s shielding the criminals instead of protecting their victims.

“I hope that it had a specific enough (and accurate enough) call to action for them to work with,” one person advised me last month. “It’s good that there are still additional options in reserve. However, this one might take a lot of back-and-forth negotiation before moving forward. It’s very important to emphasise that many former employees were also ripped off by Sirius in this manner. And that the manner of the ripoff is very likely a serious crime in the UK.”

We’ve just spoken to additional informed people and escalating this to the British media (mainstream press) is still in the cards. But the higher up we go now, the bigger this blunder becomes. The chain of complicity becomes longer.

Speaking to supervisory agencies is just one of 10 escalation steps ahead (we have them written down; it’s a checklist for a broken system). As a reminder, on the last Monday of June things escalated to London’s authorities (they know me in person because I worked for them and went there in person), which in turn referred the case to ECVCU Victim Contact/City of London Police. Knowing the people will help a lot, I think, but the people they referred me to don’t know me.

As a recap, it all started in March with Greater Manchester Police (repeatedly insisting I defer to Action Fraud after nearly 40 minutes on the phone), then Action Fraud (4 weeks, no action), then my MP contacting Action Fraud (4 weeks, no response), then London’s authorities (GLA), then ECVCU Victim Contact/City of London Police. Exactly one week ago (Saturday morning) I wrote to them:

We have received a referral in relation to the report you made to Action Fraud, crime reference number [redacted] refers.

As part of our service we are contacting you to offer further advice, guidance and support regarding your fraud, which you will find below. In addition, if you would like us to make contact with you to discuss further, could you please provide us with your telephone number and one of our Victim Contact Advisors will attempt to call you on a day and at a time convenient to you. We operate Monday to Friday from 0900-1800.

If you have any concerns regarding the authenticity of this email, please refer to our website for reassurance and further information, http://www.actionfraud.police.uk/vcoa-unit

Hi, City of London Police,

It is now July. What is the latest progress on this? Have arrests been made yet? If you are not progressing the case, I will escalate higher.

Regards,

They did not even bother responding to me. It was my second message to them.

They don’t even respond.

Typical, more of the same.

And to repeat what was said here before, the complaint to HMRC regarding Sirius went nowhere. Now almost 2.5 months without even a reply. One must thus deduce that unless one is an oligarch or a King, operating through a network/legion of well-connected lawyers, HMRC (HM stands for His Majesty’s) is unresponsive to reports of tax fraud. HMRC (cherry-) picks on the vulnerable, who lack legal defence. It’s “cheaper” this way.

So what comes next is a referral to the Independent Police Complaints Commission (IPCC). It’s now known as the Independent Office for Police Conduct (IOPC) and except in Northern Ireland there seems to be no ombudsman for the police, so this seems to be the last resort at this level. The police level. The cops have political masters too, so we’ve not exhausted the options.

A lot of people have understandably become cynical about “the system” and how it’s definitely not working. But proving this or demonstrating that as an actual victim of a crime takes a lot of work.

While we still have some remnants of democracy and free speech it is still feasible to safely or almost safely criticise and challenge key institutions, even courts and police. If we don’t exercise those freedoms, we’ll lose them and criminals/oligarchs will control everything, like in Russia or China.

As a side note, the police does not even name its unit consistently. It seems to be more about keeping up appearances rather than doing anything. For instance, what London municipality called “Economic Crime Victim Care Unit” is not consistent with E-mails that say “Economic Crime Victim CONTACT Unit”. A cynic might say that maybe they changed names as they decided they did not CARE and would just CONTACT instead (but would not even respond to messages from the victims whom they contact!). A care unit became contact unit (same acronym) and there is also National Economic Crime Victim Care Unit (NECVCU), albeit not the same thing. They’re not even sure what to call themselves. Here’s the Victims Commissioner. Someone has told me that in the United States police don’t say victim. They say “complaining witness”.

In short, the police here has made no effort at all to tackle the crime. To make matters worse, they talk to us like we bought fake ‘crypto’ coins or something inane like that; or sent money to a Nigerian prince…

But this is not what happened; it was a well coordinated scam by govornment entities and they don’t want to be left holding the bag. Instead they pretend we’re all just stupid and this won’t end well.

We’ll escalate this matter further and then escalate to media/press, as legal action is too slow. We might follow up with GLA (London Municipality; the company is based there) and local MPs to remind them what sort of police forces they’re funding. It generally signals to everyone out there that crime pays off and if one commits a crime and gets caught, no punishment will follow. Even if one lives in the UK and still operates in the UK, with impunity.

Video download link | md5sum 9626365333766dabc4d34d12ae13a6a6
Getting Down to Arrests, Compensation, Gates NDA
Creative Commons Attribution-No Derivative Works 4.0

Summary: The crimes of Sirius ‘Open Source’ are believed to be investigated right now, but it is important to note just how much effort is required — even some connections — to get things rolling and actually get law enforcers to do their job rather than send bot messages acknowledging the receipt of something never handled by an actual person

THE video above is an outline or an overview of some recent developments in the quest to hold Sirius ‘Open Source’ management accountable for very serious crimes. The clients included very high-profile government departments, so we don’t expect this to be easy. Generally speaking, the government tends to protect itself from accountability or from ‘embarrassment’, perhaps even prosecution and jail time. In this case, there are many victims and they’re GNU/Linux system administrators, sometimes programmers too. We expect this series to last until the end of the year, maybe even next year, judging by how slowly “the system” is moving, both by intention and by design. We’ll document the failings and the shortcomings of this system. We’ve seen similar things in the EU when it comes to EPO corruption.