The Drum reports:
Aviva has admitted that a number of its employees stole the details of customers leading to some receiving up to ten calls per day in a bid to persuade them to make personal injury claims.
It is the second time the insurance company has been hit by a data theft: a similar situation arised in February this year. Those targetted were customers who had recently suffered an accident and claimed insurance via Aviva.
Actually, the other incident was disclosed in February of 2014 – not 2015 – when Aviva announced that it had fired two employees after customer claims information and car details may have been accessed or disclosed to third party companies. The employees were subsequently arrested.
Read more on The Drum. The BBC has additional details. What’s not clear is why Aviva waited so long to notify customers if they discovered the problem towards the end of 2014. Maybe if the UK had better breach notification regulations…?