This article is from the source 'bbc' and was first published or seen on . It will not be checked again for changes.
You can find the current article at its original source at http://news.bbc.co.uk/go/rss/-/1/hi/uk/7581540.stm
The article has changed 11 times. There is an RSS feed of changes available.
| Version 7 | Version 8 |
|---|---|
| Bank customer data sold on eBay | Bank customer data sold on eBay |
| (30 minutes later) | |
| An investigation is under way into how a computer containing bank customers' personal data was sold on an internet auction site. | An investigation is under way into how a computer containing bank customers' personal data was sold on an internet auction site. |
| The computer, which was sold for £77 on eBay, had sensitive information on the hard drive. | The computer, which was sold for £77 on eBay, had sensitive information on the hard drive. |
| The Royal Bank of Scotland (RBS) and its subsidiary, Natwest, have confirmed their customers' details were involved. | The Royal Bank of Scotland (RBS) and its subsidiary, Natwest, have confirmed their customers' details were involved. |
| RBS said an archiving firm told it the computer had been "inappropriately sold on via a third party". | RBS said an archiving firm told it the computer had been "inappropriately sold on via a third party". |
| It said historical information relating to credit card applications for its bank and others had been on the machine. | It said historical information relating to credit card applications for its bank and others had been on the machine. |
| Basic knowledge | Basic knowledge |
| The information is said to include account details and in some cases customers' signatures, mobile phone numbers and mothers' maiden names. | The information is said to include account details and in some cases customers' signatures, mobile phone numbers and mothers' maiden names. |
| Andrew Champman on how he 'bought' bank customers' details | Andrew Champman on how he 'bought' bank customers' details |
| The problem came to light when IT manager Andrew Chapman, 56, from Oxford, bought the computer, noticed the data and raised the alarm. | The problem came to light when IT manager Andrew Chapman, 56, from Oxford, bought the computer, noticed the data and raised the alarm. |
| He said: "I was appalled when I found the bank account information. That sort of thing shouldn't have been listed on there." | He said: "I was appalled when I found the bank account information. That sort of thing shouldn't have been listed on there." |
| Mr Chapman said anyone with a basic knowledge of computer software would have been able to find the data fairly simply. | Mr Chapman said anyone with a basic knowledge of computer software would have been able to find the data fairly simply. |
| "The information was in back-up CDs and in ISO files so it would have been possibly quite easy to find if you know something about computers," he said. | "The information was in back-up CDs and in ISO files so it would have been possibly quite easy to find if you know something about computers," he said. |
| Extremely regrettable | Extremely regrettable |
| RBS and Natwest - two of the three businesses involved - said they were taking the issue very seriously and are working to resolve it "as a matter of urgency". | RBS and Natwest - two of the three businesses involved - said they were taking the issue very seriously and are working to resolve it "as a matter of urgency". |
| A spokeswoman for data processing company Mail Source, which is part of the archiving firm Graphic Data, said it was investigating how the computer equipment had been removed from a secure location. | A spokeswoman for data processing company Mail Source, which is part of the archiving firm Graphic Data, said it was investigating how the computer equipment had been removed from a secure location. |
| "The IT equipment that appeared on eBay was neither planned nor instructed by the company to be disposed," she said. | "The IT equipment that appeared on eBay was neither planned nor instructed by the company to be disposed," she said. |
| The incident was extremely regrettable and the firm was "taking every possible step" to retrieve the data and ensure it was an isolated incident, she added. | The incident was extremely regrettable and the firm was "taking every possible step" to retrieve the data and ensure it was an isolated incident, she added. |
| Clearly such details should never have been included in the hard drive of the computer offered for sale on eBay eBay spokesman When financial data goes missing | Clearly such details should never have been included in the hard drive of the computer offered for sale on eBay eBay spokesman When financial data goes missing |
| The Daily Mail said the computer contained one million bank customers' personal data. | The Daily Mail said the computer contained one million bank customers' personal data. |
| A spokesman for eBay said they were currently looking into what had happened. | A spokesman for eBay said they were currently looking into what had happened. |
| "Clearly such details should never have been included in the hard drive of the computer offered for sale on eBay," said the spokesman. | "Clearly such details should never have been included in the hard drive of the computer offered for sale on eBay," said the spokesman. |
| "We fully expect Mr Chapman to hand it back to Graphic Data as soon as possible. We will of course work with Graphic Data to establish how it came to be available for sale on our site." | "We fully expect Mr Chapman to hand it back to Graphic Data as soon as possible. We will of course work with Graphic Data to establish how it came to be available for sale on our site." |
| A spokeswoman for the third company reported to be involved, American Express, said it took the security of its card members' data "extremely seriously". | A spokeswoman for the third company reported to be involved, American Express, said it took the security of its card members' data "extremely seriously". |
| "We are currently working as a matter of priority to establish exactly what data is impacted and identify the card members who may be affected," she said. | "We are currently working as a matter of priority to establish exactly what data is impacted and identify the card members who may be affected," she said. |
| The Information Commissioner's Office said an investigation would be launched as soon as Mr Chapman had handed the computer in to them. | |
| A spokeswoman said: "We are now investigating this potential data breach and will be seeking an urgent explanation from Graphic Data to establish what has gone wrong and the steps that are being taken to prevent a similar incident occurring." | |
| Banks have an obligation under the Data Protection Act to keep all personal information secure. | |
| Last year the Financial Services Authority fined the Nationwide Building Society £980,000 for a security breach, after a laptop containing customer data was stolen from an employee's home. |