This site uses cookies; by continuing to use our site you agree to our use of cookies. More details in our privacy policy. Close



Insurance group fined for losing customers’ bank details 13 January 2017

A London-based insurance group has been fined £150,000 by the Information Commissioner’s Office (ICO) after the loss of nearly 60,000 customers’ financial data.

Royal & Sun Alliance Insurance failed to keep customers’ information safe by not taking appropriate measures to prevent theft at its offices in west Sussex.

A hard drive was stolen between May and July 2015 containing 59,592 customers’ names, addresses and bank account details including account numbers and sort codes.

The device, not yet recovered, also held limited credit card details of 20,000 customers.

The ICO enforcement officers found the device was stolen from company premises either by a member of staff or a contractor.

It said the information on the hard drive was not encrypted and the room it was stored in did not have CCTV.

The ICO said the company also failed to restrict access to the room to essential staff and contractors.

The fine must be paid by February 8. If it is paid in full by February 7 the fine will be reduced by 20 percent to £120,000 unless the company appeals.

Steve Eckersley, head of enforcement at the ICO, said: “Customers put their trust in companies to keep their information safe, particularly financial information.

“When we looked at this case we discovered an organisation that simply didn’t take adequate precautions to protect customer information.

“Its failure to do so has caused anxiety for its customers not to mention potential fraud issues.”



blog comments powered by Disqus