Andrew Chapman received an extra surprise with the computer he bought on eBay for $70. When he examined the hard drive, the IT manager from Oxford, England, was astonished to discover it contained details on a million bank customers.
There was sensitive personal data on customers of NatWest, Royal Bank of Scotland and American Express, including account numbers, credit card balances, sort codes, signatures, names, addresses, mobile phone numbers and even mothers’ maiden names – a treasure trove for criminals, the Daily Mail reports.
The data was held by Graphic Data, which digitally stores bank paperwork, and the computer was sold by a former employee. The newspaper says another computer has gone missing from the company.
Graphic Data said:
“Certain pieces of IT equipment have been removed from a secure area. We are seeking to recover this equipment, which apparently contained customer data.”
“We take customer privacy and data security very seriously.”
A NatWest/RBS spokesman commented:
“RBS and NatWest take data protection extremely seriously and have very strict procedures to ensure the security of information at all times.”
“Any breach of these procedures is totally unacceptable and is investigated as a matter of urgency.”
The Information Commissioner’s office is looking into the matter. This is just the latest in a long line of British data loss scandals, but could potentially have been the most damaging.
- The 55 best shows on Amazon Prime Video right now
- The 98 best movies on Hulu right now
- The 7 best Netflix VPNs to binge-watch your favorite shows
- Is NordVPN safe? A look at its safety and security measures
- The best external hard drives for 2021