Victims of BoI laptop theft treble to 31,500
Tuesday April 29 2008
The increase in the number of affected customers came after the bank identified 'further files'
BANK of Ireland has pledged to compensate the 32,000 customers whose private details were stolen -- but only if they can prove that they were victims of fraud as a direct result of their details being stolen.
Yesterday, the bank confirmed they had seriously underestimated the number of people whose personal information was contained on four bank laptops which were stolen last year.
Last week, the bank claimed that about 10,000 customers had been affected.
However, that number has more than trebled to 31,500.
The increase in affected customers came after the bank identified "further files" which had not been examined when the thefts were revealed last week.
A spokeswoman for the bank said the sensitive and personal details related to life assurance policies, policy applications and a small number of mortgage customers.
"The key thing is that the information didn't contain any bank account passwords or copies of the signatures," she said. "In the unlikely event that any customer is a victim of fraud arising as a direct result, they will be compensated."
The group's internal audit department is carrying out an investigation and letters are being sent out to all affected customers.
Yesterday, a total of 15 people contacted the bank's special helpline, with around 650 calls recorded since the data breach was revealed last week.
But the news of further records being affected has been criticised by the Financial Regulator's chief executive, Patrick Neary.
He said that he was "very concerned" about the increase in numbers and that his office would be examining the security systems which the bank has in place.
"I'm concerned with the system of checks and balances in place in Bank of Ireland," he said. "I think we'll have to look very carefully at it to understand fully how it happened and what steps they're going to take to make sure it doesn't happen again."
Experts
A spokesman for the Data Commissioner said they were informed of the additional numbers affected yesterday morning. A team of data experts is now preparing to go into the Bank of Ireland offices on Thursday.
"We'll be working with them to go through the procedures and go through the issues," he said. "We'll be looking at their safety procedures on a step-by-step basis."
Personal finance expert Eddie Hobbs also attacked the bank for putting its customers -- and others who had inquired about products -- at risk.
"It gets bizarre," he said. "What are ordinary life assurance sales people doing going around with that quantity of information?
"A salesperson working flat out would need 100-150 accounts in one month. It would take many years to accumulate that amount of data on Bank of Ireland customers," he said, adding that one of their priorities should be to always ensure that private information was safe.
He also raised the issue of key information being sent from one part of the bank to another, without customer permission.
He said there had long been a suspicion that data flowed from various banks to a life assurance subsidiary.
"This cannot happen without written approval from a customer," he added.
The bank has also been criticised for having very poor encryption technology on the laptops, making the sensitive information easily accessible to someone with technological expertise.
The additional branches affected are: Bray, Ardee, Arva, Ashbourne, Athboy, Cavan, Bailieborough, Cootehill, Ballybay, Dunboyne, Carrickmacross, Ballyjamesduff, Oldcastle, Kells, Navan, Trim, Kill O' The Grange, Blackrock, Dun Laoghaire, Talbot Street, Greystones and Kingscourt.
- Edel Kennedy
