The Information Commissioner’s Office (ICO) has served the Bank of Scotland with a monetary penalty of £75,000 after customers’ account details were repeatedly faxed to the wrong recipients. The information included payslips, bank statements, account details and mortgage applications, along with customers’ names, addresses and contact details. The documents were faxed over a three year period, with the…
Category: Exposure
UK: Workers’ personal information found in cabinet sold at auction
Here we go again: personal information left in filing cabinets that are surplussed or auctioned off. The personal details of dozens of employees from a council-owned waste company have been found in a filing cabinet bought at auction. The misplacing of the documents from Premier Waste Management was last night described as “diabolical” by a…
OK: Juvenile records found unsecured in old courthouse
Salesha Wilken reports: Juvenile court records, which by law are not open to the public, were found Wednesday strewn about the old Rogers County Courthouse, left unsecured and available to anyone who happened on them. The criminal index cards — including information about arrests, victims and “deprived” juvenile cases — were discovered by District Court…
E-mail gaffe exposed Ruby Tuesday employee financial data to a former employee
An e-mail gaffe by a Support Center employee Ruby Tuesday exposed current employees’ information to a former employee. The spreadsheet, inadvertently attached to the July 8 e-mail, contained employees’ names, Social Security numbers, bank name, bank account type, bank account numbers and routing numbers. Ruby Tuesday immediately tried to recall the e-mail, and contacted the recipient…
Man who tries to report breach to Sears finds himself talking to someone in India?
Here we go again. It’s bad enough to have an easily avoidable breach. It’s worse when you make it difficult for people to report it to you. Today’s entry in this Hall of Shame is Sears. Nesita Kwan reports personal information of hundreds of former Sears employees, including their Social Security numbers, photos, records with…
Employees of five client firms notified by Fidelity Investments that their data were exposed to the wrong parties
Fidelity Investments has reported a number of breaches this year, all involving exposure of information to the wrong people: On June 17, Fidelity notified the NH Attorney General’s Office that information (names and Social Security numbers) of Apria Healthcare plan members was accidentally included in a secure email sent to three employees of another client…