Categories: SecurityWorkspace

Bank Account Mixup Lands Prudential With £50k Fine

The Information Commissioner’s Office (ICO) has handed out a rare fine to a private sector organisation for mishandling of information, as Prudential was told to cough up £50,000.

The penalty was served after a mix-up of two customers’ account details led to tens of thousands of pounds being handed to the wrong person. Instead of going into one individual’s retirement fund, it actually went to a different customer’s account.

In its defence, Prudential said the mixup was partly down to the fact that the two customers had the same name and date of birth.

Prudential mixup

The fine marks the first time a private company has been punished by the ICO where there was no “significant data loss”. Prudential has accepted the fine and will not appeal, even though it passed the blame onto an independent financial adviser.

“We are very sorry for any distress and inconvenience experienced by the two customers, and we have apologised and compensated them. We regret that this incident occurred and was not resolved more quickly,” a spokesperson for Prudential said.

“The … accidental merging of the two customers’ details was not the result of system or process failures. It originally happened when the financial adviser of the first customer mistakenly provided the address of the second customer to us and requested that we change the first customer’s registered address.

“The problem was rectified in 2010 to the satisfaction of the ICO. We co-operated openly and fully with the review and we accept the fine imposed. Neither customer has suffered financial loss.

“When this issue came to light we reviewed our procedures and staff training and made changes to minimise the chances of a similar error occurring again.”

Stephen Eckersley, ICO head of enforcement, said the customer files were “consistently confused” and Prudential “failed to remedy the situation despite being alerted to the problem on more than one occasion before it was finally resolved”.

“We hope this penalty sends a message to all organisations, but particularly those in the financial sector, that adequate checks must be in place to ensure people’s records are accurate,” he added.

Are you a security pro? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

10 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

13 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

14 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

15 hours ago