Bank of Scotland blames human error in data screw-up | The Register

Skip to content

Security:

News Tools

Reg Shops

Top Stories

Read more top stories

Related Whitepapers

The Perfect (Virtual) Marriage
Deduplication and VMware
Enforce Your Email and Web Acceptable Usage Policies
Not Just Words
Making Green IT a Reality
Customer Perspectives on the Impact of Storage Vendor Decisions on Power, Cooling, & Space in Enterprise Data Centers
Search Engine Link Spam
Risks, Threats, Solution
Solution Brief: Reduce Energy Costs
With Green IT Solutions
Eliminating the Security Risk of Sending Confidential Information by Email
Email Encryption

The Register » Security » Enterprise Security »

Bank of Scotland blames human error in data screw-up

Unencrypted disc lost in post

By John Oates → More by this author

Published Thursday 7th June 2007 15:22 GMT

Bank of Scotland (HBOS) is telling 62,000 customers they could be at risk of identity theft after it stuck an unencrypted disc in the ordinary post, which was subsequently lost.

The disc, containing information on mortage customers, should have been encrypted before being sent, the bank said, and should have been sent via secure courier rather than the normal postal service. It blamed human error for the problem, but said it believed the disc was genuinely lost rather than stolen.

An HBOS spokesperson told ComputerWorld: "The disk would usually be encrypted. Unfortunately, due to human error on this occasion the usual policy was not followed. We apologise to our customers for this."

The spokeswoman said procedures had been changed and said a recent string of data breaches were unrelated.

The bank was in trouble in March for losing customer data, and in January it accidentally posted details of 75,000 customers to a woman from Aberdeen who asked for a copy of her bank statement. Also in March, the Information Commissioner named and shamed HBOS, along with 10 other banks, for dumping customer statements in pavement bins.

More from ComputerWorld here. ®

Email Encryption report: Eliminating the Security Risk of Sending Confidential Information by Email

12 comments posted — Comment period finished

Clerk gone?

Posted: 15:26 7th June 2007

In other news....

Posted: 15:33 7th June 2007

Hang on a minute...

Posted: 16:07 7th June 2007

Amazing

Posted: 16:53 7th June 2007

Irrelevant

Posted: 06:46 8th June 2007

More comments…

Track this type of story as a custom Atom/RSS feed or by email.

Related stories

HBOS culls 5% of IT workforce (14 August 2008)
Dear customer: you owe us $211 trillion (3 December 2007)
Info Commissioner audits HBOS (15 May 2007)
UK banks leaving customer info on the pavement (14 March 2007)
UK bank exposes details of 75,000 accounts (31 January 2007)
HBOS to change website after security alert (24 October 2006)

Post to Slashdot

Add to del.icio.us

Previous Article

From small embedded OS to the world's most used open mobile OS

whitepaper title

The Perfect (Virtual) Marriage

Get consistent virtual machine storage savings of 50% (often as high as 90%) with virtually no performance impact with NetApp deduplication..

whitepaper title

Enforce Your Email and Web Acceptable Usage Policies

Unmanaged employee use of email and the web can subject any organization to costly risks. Learn how clearly written Email and Web Acceptable Usage Policies (AUPs) can protect your business.

Whitepapers	Jobs
The Near Horizon Of Mobility CollabNet CUBiT Endpoint Security Management: Total Control from a Single Console How To Tackle Enterprise Spyware	Perl / Sybase Developer - Tax and Regulatory Reporting Group - Investment Bank Infrastructure/Perl Developer (Financial Firm) Sr. Software Developer - Front End Developer (Domain Services) Perl Programmer for Hospitality Company Web Application Engineer

Top 20 stories • All The Week’s Headlines • Archive • Search