Security, Investigation, Corporate Events and Executive Protection Specialists
About A2Z | Contact Us
Security, Investigation, Corporate Events and Executive Protection Specialists
Contact A2Z by phone: +44 20 3178 6427 +44 20 3178 6427
info@a2zsecuritygroup.com
Security, Investigation, Corporate Events and Executive Protection Specialists
A2Z Security Group Services
News UpdatesA2Z Security Group News
Bank customer data sold on eBay
  • Bank customer data sold on eBay

    Bank customer data sold on eBay

  • 26 August 2008
  • The Daily Mail says an ex-worker for archiving firm Graphic Data sold it for £35 on eBay without removing sensitive information from the hard drive.

    The Royal Bank of Scotland (RBS) and its subsidiary, Natwest, have confirmed their customers' details were involved.

    RBS said Graphic Data had told it the PC had apparently been "inappropriately sold on via a third party".

    It said historical information relating to credit card applications for their bank and others had been on the machine.

    The information is said to include account details and in some cases customers' signatures, mobile phone numbers and mothers' maiden names.

    It is thought the problem came to light when Andrew Chapman, an IT manager from Oxford, bought the computer, noticed and raised the alarm.

    A spokesman for eBay said they had not been contacted by the Daily Mail and were currently looking into what had happened.

    "Clearly such details should never have been included in the hard drive of the computer offered for sale on eBay. We fully expect Mr Chapman to hand it back to Graphic Data as soon as possible. We will of course work with Graphic Data to establish how it came to be available for sale on our site."

    RBS and Natwest - two of the three businesses involved - said they are taking the issue very seriously and are working to resolve it "as a matter of urgency."

    A spokeswoman for data processing company Mail Source, which is part of Graphic Data, said it was investigating how the computer equipment had been removed from a secure location.

    "The IT equipment that appeared on eBay was neither planned nor instructed by the company to be disposed."

    She said the incident was extremely regrettable and the firm was "taking every possible step" to retrieve the data and ensure it was an isolated incident.

    Banks have an obligation under the Data Protection Act to keep all personal information secure.

    Last year the Financial Services Authority fined the Nationwide Building Society £980,000 for a security breach, after a lap top containing customer data was stolen from an employee's home.



Back To Summary


News Archive News Archive


Login Login

Register
Forgotten Password?

Conforms to WAI and XHTML standards
Content copyright ©2006 A2Z Security.
Site developed by Moov2 Ltd