Royal Bank of Scotland, NatWest and American Express account holders’ personal details were found on a computer’s hard drive after it was sold on eBay.

The security breach was the latest in a series of incidents involving banks and government departments where sensitive personal data has gone astray.

Critics say the mishaps feel like they are becoming daily: personal bank details are sold on eBay one day, another bank’s computer disc goes missing in the post another day, while a government contractor’s memory stick is lost during another. 

Experts and politicians have called for better security, driven by a “cultural change” and a harsher climate of penalties.

Liberal Democrat MP Tom Brake describes the current approach taken by business and government as “slapdash”, and says they must learn to value the information in terms of how much it would be worth if it got into the wrong hands.

Cyber-Ark, a firm that helps organisations protect highly sensitive data, said organisations must adopt stricter rules preventing staff gaining access to information.

“There is no respect, no concept of value,” the company’s Calum Macleod said.

“There is insufficient care and attention. People who work in IT are allowed to use their privileges to gain access to information which has nothing to do with them.

“It is too easy for these employees to access information — there is far too much emphasis on accessibility. I don’t think organisations have really thought through mobility of information.”

Allowing information to become lost or sold is “bread and butter” for the criminal fraternity who can use the data to assume identities and clear bank accounts.

Do you feel banks and the government take personal data seriously? What could be done to better protect your information?