Loans.co.uk finds source of data leak

Loans.co.uk has identified the source of a database breach which led to the personal details of customers being passed on to rival companies.

Loans.co.uk has identified the source of a database breach which led to the personal details of customers being passed on to rival companies.

The company said this week that an audit of its IT systems had shown an employee had accessed the company database without authorisation.

"Loans.co.uk has controls and systems in place to protect individuals' information, and this is evidenced by the fact that these systems detected unauthorised activity on the database," said a spokeswomen.

Customers had complained of receiving unwanted calls from other loan companies and their identities could be used by fraudsters. It then emerged that customer details, including names addresses and telephone numbers, had been passed on without authorisation.

"No organisation can guarantee that they are fully protected against data theft, and most will struggle if an individual in a trusted position decides to act without authority," the company said.

Mike Maddison, UK head of security and privacy services at analyst firm Deloitte, said all organisations face challenges from within, and there is no such thing as 100% security. "But putting the right sort of preventative and detective controls in place can act as a deterrent," he said.

Loans.co.uk initially passed details of the security breach to Hertfordshire Police and industry regulator the Financial Services Authority. They advised the company to consult the Information Commissioner's Office, which is now investigating the breach.

A spokesman for the ICO said it would help Loans.co.uk to ensure that this does not happen again. He added that individuals within companies can be prosecuted for breaching the Data Protection Act.

Read more on Privacy and data protection

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close