Bank clients’ info sold on eBay

Archiving company didn’t remove data from computer before auctioning it of

LONDON: A company containing banking security details of more than one million people has been sold on eBay, according to bank officials – the latest in a series of losses of personal data in Britain.

The Royal Bank of Scotland (RBS) acknowledged on Tuesday that a machine belonging to archiving company Graphic Data and sold “inappropriately to a third party” had information of credit card application from some RBS customers and data from other banks. The computer contained account numbers, passwords, mobile telephone numbers and signatures.

“We take this issue extremely seriously and are working to resolve this regrettable loss with Graphic Data as a matter or urgency,” RBS said in a statement.

A former employee from Graphic Data sold a computer server used by the company on eBay without wiping the internal hard drive, said Nicole Morgan, a spokesman for MailSourceUK, which now owns Graphic Data.

The buyer, Andrew Chapman, said he found the data when he looked at the machine’s hard disk.

“I was appalled when I found the bank account information. That sort of thing shouldn’t have been listed on there,”  he said.

“It would have been possible quite easy to find if you know something about computers.”

The security breach became known when Chapman found the information and contacted authorities.

Britain’s Information Commissioner’s Office, the government agency responsible for protecting people’s privacy, has launched an investigation into the accident.

“We are now investigating this potential data breach and will be seeking an urgent explanation from Graphic Data to establish what has gone wrong and the steps that are being taken to prevent a similar incident occurring,” the information watchdog said in a statement.

eBay said the auction site had not yet managed to contact the buyer or seller.

Banks in Britain are obligated under the Data Protection Act to secure personal information. But banking and other highly sensitive information is being lost with increasing frequency.

Last year, Nationwide Building society was fined nearly £1mil (RM6.3mil) after a laptop containing private customer data was stolen from an employee’s home.

The breach come after several high profile cases involving the loss of data by government agencies. Last week, a contractor lost a memory device containing information on prison inmates in England and Wales, and in June, two sets of secret government files on terror tactics were left on commuter trains. The most dramatic data loss occurred in November when tax officials also admitted they had lost computer disc containing banking information on 25 million people – nearly half the country’s population.

American Express also issued a statement saying an investigation was under way to determine whether any of its customers were affected.-AP


                                                               -The Star, Thursday 28 August World W39


Did You Know

arrow Identity theft is the top consumer complaint in the USA according to the Federal Trade Commission.

arrow US consumers reported fraud loss totalling more than $1.1 billion in 2006.

arrow Credit card fraud (25%) was the most common form of reported identity theft in the US in 2006.

arrow More than 100 000 people are affected by identity theft each year in the UK

arrow According to Privacy Rights Clearinghouse, more than 350 data loss incidents involving more than 140 million records have occurred since February 2005

arrow Organisations are obliged by law to take take adequate steps to ensure the proper disposal of data

You are here  :