Banks dumped customer data in outside bins


Banks dumped customer data in outside bins

Antony Savvas

The Information Commissioner’s Office (ICO) has found that 11 banks and other financial institutions breached the Data Protection Act after an investigation into complaints about the disposal of customer information in outside bins.

HBOS, Alliance & Leicester, Royal Bank of Scotland, Scarborough Building Society, Clydesdale Bank, Natwest, United National Bank, Barclays Bank, Co-operative Bank, HFC Bank, Nationwide Building Society and the Post Office were all found to have discarded personal information in waste bins or receptacles outside their premises.

The Immigration Advisory Service was also found to have disposed of personal information in similar circumstances.

The ICO has now forced the organisations to sign a formal undertaking to comply with the principles of the Data Protection Act. Failure to meet the conditions of the undertaking was likely to lead to further enforcement action by the ICO and could result in prosecution, said the ICO.

David Smith, ICO deputy commissioner, said, “It is unacceptable for banks and other organisations to carelessly discard their customers’ information. It is vital that banks and other organisations take security seriously.

“Individuals must feel confident that banks and other organisations are safeguarding their personal information.”

The ICO’s investigation into the banks’ disposal of customer information follows evidence supplied by the BBC Watchdog programme, the Sunday Mail and consumer group ScamsDirect.


Comment on this article:


Related article:

Couple convicted of stealing data

Intrusion detection systems alive and kicking


Stuart King’s risk management blog:

Dealing with the operational challenges of information security and risk management

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy