Expert shares what went wrong with Post Office system that destroyed lives
When a new computer accounting system was rolled out across post offices up and down the country at the turn of the millennium, workers had hoped it would make their lives easier.
Instead, glitches in the supposedly 'robust' Horizon software ended up dragging hundreds of sub-postmasters and sub-post-mistresses into a nightmare that many are still living through to this day.
As dramatised in the ITV drama Mr Bates vs the Post Office, the system wrongly detected financial shortfalls in various branches. The blame fell squarely on the shoulders of innocent sub-postmasters, many of whom faced serious charges of theft, fraud, and false accounting.
Between the years 2000 and 2014, 736 blameless individuals were prosecuted by the Post Office, their lives ripped apart by bankruptcy, prison time, and reputational ruin. Now a cyber security expert has explained how exactly such a thing could have happened, with the scandal making for 'a sobering reminder of the potential human cost of software errors'.
Speaking with the Mirror, cybersecurity and software expert Durgan Cooper warned that 'big national software projects. spread across thousands of sites such as Post Offices, are often riddled with difficulties and bugs'.
Passport warning as prices to increase from today if you want to get a new oneCETSAT chairman Cooper, who advises the House of Lords on such matters, continued: "Duplicate transactions, software freezes and faulty systems all led to an entirely deficient operation, with the software essentially registering more takings than instructed - leaving unbalanced books and hundreds of innocent postmasters on the hook.
"Leadership incorrectly believed the faulty system, not the people. Human oversight is essential with such extensive software, and Post Office leadership failed to understand that. The more layers involved, the more likely issues are to develop. Ghosts find it far easier to hide in such vast machines. The scandal highlighted the need for robust testing and validation of software systems, especially those handling financial transactions."
This, unfortunately, isn't the only instance of computer systems causing absolute havoc with people's lives. Cooper proceeded to point toward the Volkswagen Emissions Scandal, where it was discovered that software was 'manipulating emission tests', resulting in substantial fines, as well the air traffic control mayhem that ensued in 2023 after software failure led to the cancellation of two thousand flights cancelled and widespread disruption.
According to Cooper, there have been improvements in the years since, with 'a greater focus on accountability, software integrity and error detection', however, it's important to remain vigilant against such threats. He continued: "Any data can be manipulated, through inside actors or malicious forces. Keeping databases secure is an essential step for any organisation, especially with the development of such advanced AI. Decentralised and tailored solutions will always present the best defence, not a cumbersome and centralised approach. Human oversight remains vital, and most not be overlooked. The Horizon scandal serves as a sobering reminder of the potential human cost of software errors and the critical need for ethical responsibility in technological deployment."
The Mirror also spoke with Mervyn Pretoriūs, CTO and Cybersecurity Lead at CCI Global, who views the scandal as being much more complicated than a case of technical errors in the system. According to Pretoriūs: "The horizon scandal is not one of cybersecurity as much as it is one of an organisation so fundamentally flawed that it was able to ruin the lives of thousands of families without stopping for a moment to deal with its own internal failures and in this case the clearly flawed accounting system provided by Fujitsu."
Pretoriūs did however acknowledge that the fact that 'Fujitsu could access a counter remotely and alter values is certainly a cybersecurity failure'. Describing the deep losses endured by the sub-postmasters as a 'tragedy', Pretoriūs drew comparisons with two devastating crashes of two virtually new Boeing 737 MAXs, just four months apart, due partly to new software system, MCAS.
Using this example, Pretoriūs said: "It would later surface that many engineers had come forward to warn Boeing that there were real problems which ultimately resulted in loss of life." He continued: "Software bugs are by no means rare and occur very frequently. Typically processes exist to manage and correct bugs as they are reported in any deployment. As tempting as it is to blame the developers of a system when things go wrong that is a narrow view and likely the failing is far more widespread. The human element needs to be appreciated and when hundreds of your users are crying out that something is wrong with a system the kneejerk should be to get on the ground and investigate so that it can be fixed not to prosecute your colleagues because it’s convenient to trust a system implicitly.”
A Fujitsu spokesperson gave the following comment when approached by the Mirror: "The current Post Office Horizon IT statutory Inquiry is examining complex events stretching back over 20 years to understand who knew what, when, and what they did with that knowledge. The Inquiry has reinforced the devastating impact on postmasters' lives and that of their families, and Fujitsu has apologised for its role in their suffering. Fujitsu is fully committed to supporting the Inquiry in order to understand what happened and to learn from it. Out of respect for the Inquiry process, it would be inappropriate for Fujitsu to comment further at this time."
A Post Office spokesperson said: "We fully share the aims of the current Public Inquiry, set up to get to the truth of what happened in the past and accountability. It's for the Inquiry to reach its own independent conclusions after consideration of all the evidence on the issues it is examining."