A mortgage company has been found in breach of the Data Protection Act after accidentally emailing details of more than 15,000 customer accounts to a member of the public.
In a statement released this week, the Information Commissioners Office (ICO) said that Redstone Mortgages Ltd was found in breach of the act after sending customer details by email without bothering to encrypt or password protect the information. The information was meant for a consultant but was sent to a member of the public with a similar email address on 3 August 2009.
According to the undertaking document, Redstone had been sending unsecured customer data by email every month since 2005.
The chief executive of Redstone Mortgages David Lautier has now signed an undertaking to make sure all future customer information will be password protected before being emailed. Redstone will also be required to implement other security measures to protect personal data, the ICO said.
“It is essential that the right procedure is followed and care is taken when sending out emails of this nature. If personal information falls into the wrong hands, individuals could experience considerable distress,” said ICO head of enforcement and investigations, Sally-Anne Poole. “It appears that this method of sending out reports containing personal information has been common practice within the company for a while. I am pleased that Redstone Mortgages has agreed to take remedial steps to safeguard personal information and prevent a similar incident happening again.”
In January the ICO warned that businesses that do not own up to data breaches will face tougher action than those that come forward of their own volition. The ICO said that more than 800 data security breaches have been reported over the last two years. The ICO warns that companies that approach it voluntarily will still face some action, but those businesses which attempt to cover-up security incidents will be hit with much tougher penalties.
The Conservative Party’s plans to increase privacy and reduce the amount of government data will involve a big increase in the powers of the Information Commissioner, a London meeting heard last week. “Our personal data belongs to us, and the government holds it on trust,” said Eleanor Laing, MP, the shadow Minister for Justice, speaking at a Westminster Legal Policy Forum meeting in London.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…
View Comments
It's amazing to think that 2 years later that this type of error is still going on. A lot of companies still don't have the protection that they require to ensure the safety of their customers data.