The sale on eBay of a PC that had customer data from RBS bank customers has become the sparked calls for greater levels of encryption.
There has been a spate of high profile data leaks that followed on from the loss by HMRC last autumn of the details of 25m people claiming child benefit. Since then the MoD, retailers and banks have all hit the headlines losing customer data.
The latest case, which involved a PC containing RBS customer details, which was sold for £35 on the online auction site, has shown that even when computers are meant to be disposed of in a secure way there is still the chance of sensitive data getting into the open.
The PC was meant to have been disposed by document management specialist Graphic Data but the machine was sold online by an ex-employee.
In a statement Graphic Data said that it was investigating how the PC came to be sold online: "Investigations are ongoing to find out how this equipment was removed from one of our secure locations. We take customer privacy and data security very seriously. This incident is extremely regrettable and we're taking every possible step to retrieve the data and ensure this is an isolated incident."
A response came from a statement from the bank RBS, which said the data related to credit card applications: "Graphic Data has confirmed to us that one of their machines appears to have been inappropriately sold on via a third party. As a result, historical data relating to credit card applications from some of our customers and data from other banks were not removed. We take this issue extremely seriously and are working to resolve this regrettable loss with Graphic Data as a matter of urgency."
The response from those working in the security industry was to urge a quicker and more widespread adoption of encryption.
"Today's story that personal data of a million bank customers was found on a computer sold on eBay and the latest data loss bungle at the Home Office with thousands of criminal records on a USB key going missing, yet again highlight the need to protect sensitive data by encrypting it," said Frank Schlottke, CEO at Applied Security.
"With such a string of data loss headlines, it is difficult to understand why these measures to secure data - wherever it is - have not been implemented already," he added.