Bank of Scotland blames human error in data screw-up

Bank of Scotland (HBOS) is telling 62,000 customers they could be at risk of identity theft after it stuck an unencrypted disc in the ordinary post, which was subsequently lost. The disc, containing information on mortage customers, should have been encrypted before being sent, the bank said, and should have been sent via secure courier rather than the normal postal service. It blamed human error for the problem, but said it believed the disc was genuinely lost rather than stolen.

An HBOS spokesperson told ComputerWorld: "The disk would usually be encrypted. Unfortunately, due to human error on this occasion the usual policy was not followed. We apologise to our customers for this." The spokeswoman said procedures had been changed and said a recent string of data breaches were unrelated

View: the full story
News source: The Reg

Report a problem with article
Previous Story

Microsoft Fixes Windows Mobile Sync

Next Story

AMD battles Barcelona delay rumours

7 Comments

"Should of" I'm sick and tired of hearing huge business screwing up so easy like this.

There should always be another person to double check ones work of such high importance. ALthough one person may screw up, sometimes it is un-acceptable. I have no remorse if this person is fired, they should not hold such a high secuirty risk job ever again.

Bank of Scotland (HBOS) and Royal Bank of Scotland (RBS) are completely different banks, the cash-point incidents you are referring to relates to RBS

mKouk said,
Bank of Scotland (HBOS) and Royal Bank of Scotland (RBS) are completely different banks, the cash-point incidents you are referring to relates to RBS

My mistake, kinda slipped me mind.

Aw, the one time an unencrypted disc is sent via snail mail it gets lost! What are the chances of that?

BofH, I'm staring in your direction

A couple of questions I have:

  1. Where were HBOS sending this data, that it couldn't be transfered over their network? and other than in the really tiny small print, do HBOS do this with customer data all the time?
  2. For customers to be at risk of identity theft, this wasn't just MI, it sounds more like an extract of customer application/account details, what reason would they have to do this?

Commenting is disabled on this article.