An ICO spokesperson said:
“We have recently been informed of a data breach involving Santander. We will be making enquiries into the circumstances of the apparent breach of the Data Protection Act before deciding what action, if any, needs to be taken.
“Under the Data Protection Act, organisations that process personal information have an obligation to keep it secure; therefore, it is a matter of concern if information such as account details have been incorrectly provided to the wrong recipient. Banks risk losing the confidence and trust of their customers if they fail to safeguard personal information. It is therefore in the interests of both the bank and the customer that this information is handled in line with the requirements of the Act.”