Royal Bank of Scotland, NatWest and American Express account holders’ personal details were found on a computer’s hard drive after it was sold on eBay.
The security breach was the latest in a series of incidents involving banks and government departments where sensitive personal data has gone astray.
Critics say the mishaps feel like they are becoming daily: personal bank details are sold on eBay one day, another bank’s computer disc goes missing in the post another day, while a government contractor’s memory stick is lost during another.
Experts and politicians have called for better security, driven by a “cultural change” and a harsher climate of penalties.
Liberal Democrat MP Tom Brake describes the current approach taken by business and government as “slapdash”, and says they must learn to value the information in terms of how much it would be worth if it got into the wrong hands.
Cyber-Ark, a firm that helps organisations protect highly sensitive data, said organisations must adopt stricter rules preventing staff gaining access to information.
“There is no respect, no concept of value,” the company’s Calum Macleod said.
“There is insufficient care and attention. People who work in IT are allowed to use their privileges to gain access to information which has nothing to do with them.
“It is too easy for these employees to access information — there is far too much emphasis on accessibility. I don’t think organisations have really thought through mobility of information.”
Allowing information to become lost or sold is “bread and butter” for the criminal fraternity who can use the data to assume identities and clear bank accounts.
Do you feel banks and the government take personal data seriously? What could be done to better protect your information?
Trackback
2 comments so far
The vital question on the preservation of anyone’s personal data.has been appearing particularly in the banking sector,financial institutions and other governmental concerns.The cases theft of such personal data, have been occuring repeatedly somehow,creating tension among the concerned persons who have been victimised later on through such concealed transmission of personal data.Miscreants are alleged involved in such piracy.They could even be well linked with the respective concerned employee.It has followed in few cases that,an employee is being manipulated by the criminal grop anyhow. Beside this,IT professionals could be the secured channel to the muscreants for grabbing the required data of someone.The concerned authority should take care of it vehemently leaving no room for slipping out any data by no means.Such care should not be treated as obligatory.It is to be treated as customary as well as moral responsibility of the dealing concern.
- Posted by PRANAB HAZRADear Reuters:
Actually, I made a very similar mistake in the
Province of Alberta.
Nowdays there are affordable utilities that
actually allow you to delete your hard drive before
donating or giving away outdated equipment.
For the Banks/Credit Lenders they should have
been twice as serious about security twice as long
ago.
Persons have even noted the “Perfect” Bank
robbery etc. (Binary Digits)?
DO NOT PUBLISH - SAY HELLO TO STAFF
Very Truly Yours,
-/- Heinz
- Posted by Karl-Heinz KlumperDeutschland Sovereign