Lloyds TSB has sent a letter to customers warning them that their computers may have been exposed to a Trojan horse, but a customer has complained of a lack of detail from the bank.
The bank's Fraud Response Team sent letters to some customers in December after it received a tip-off from payments association APACs, acting on intelligence from a law enforcement agency.
"Lloyds TSB has been recently advised that your computer may have been infected with a virus. This virus is specifically designed to steal personal information including credit card and your internet login details," warned the letter. "This virus can be difficult to detect and you may have downloaded this unknowingly. It can compromise your use of the internet banking service on your PC including your Lloyds TSB passwords and memorable information."
The letter left one IT director, who banks with Lloyds TSB, angry. He contacted the anti-fraud team but did not receive answers to his questions. He was told that his personal details had been available on a website, which the bank had now closed down, and was offered a security service but was not given details of the Trojan on his PC.
"You cannot go to a customer and spread panic. You go to them with consolidated information and do not just throw unqualified data at them," he said. "They said my details have been published on the internet. I asked what details and where and they could not answer."
He said the bank suggested he buy security products, advice that could be misleading. "Customers that do not understand technology will just buy what is recommended."
The customer has filed a complaint to the Information Commissioners Office after the bank failed to inform him what personal details had been stolen. "I have asked to be informed about what this personal information was, and so far Lloyds TSB has been far from helpful and have never responded to my calls," he said.
Lloyds said a small number of customers received the letter but would not give details of the exact number, the type of Trojan or how it discovered the information.
Lloyds TSB said, "We received intelligence from a law enforcement agency via Apacs that a very small number of UK consumers might have been exposed to a Trojan horse programme and that some of these were Lloyds TSB customers."
"We always monitor customer accounts to guard against any potentially fraudulent transactions and in this case have also advised customers who did not have an anti-virus software package on their machine to consider purchasing one to ensure maximum protection for their PC in the future."
But the customer said he uses the corporate antivirus and has several security products in place.
Have you been affected by this? If so email firstname.lastname@example.org
Read more on IT risk management
Lloyds Bank outage just the latest of a recurring trend as complexity grows
Lloyds Bank to migrate from IT alphabet spaghetti to Google-like simplicity sounds easy, but…TSB
Financial Conduct Authority raises questions over TSB's IT regression testing
Huge rise in TSB-themed mobile phishing attacks after IT meltdown