ZDNet UK


Skip to Main Content

  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Security threats Toolkit

Data Breaches

Bank of Ireland loses four unencrypted laptops

Tom Espiner ZDNet.co.uk

Published: 23 Apr 2008 16:20 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The Bank of Ireland has lost four laptops containing sensitive customer details of approximately 10,000 people.

The laptops were not encrypted, according to a Bank of Ireland spokesperson. Customer details lost include bank accounts, names, addresses and medical details. The laptops only had standard username and password logins by way of security, according to the spokesperson.

Customers affected are those who took out or obtained a quote for a life-insurance policy from Bank of Ireland Life from branches in Drogheda; Dunleer; Bagnelstown; Court Place, Carlow; Stephen's Green; Tallaght; and Montrose last year, according to a statement on the Bank of Ireland website.

The four laptops were all stolen between June and October last year. Three were stolen from the boots of cars, said the spokesperson. The Bank of Ireland is only now starting to inform customers by letter as to whether they may have been affected.

According to the spokesperson, the thefts were reported to the Garda at the time but not to senior management.

"The issue arose in February of this year as part of routine compliance monitoring. That was when the issue came to light, at which time, a full investigation began; we had to do a full investigation [before informing customers]. We will be writing to customers in the next number of days," said the spokesperson.

Jason Hart, European chief executive of encryption company CryptoCard, told ZDNet.co.uk that, as well as customer details being compromised, the laptops themselves could hypothetically have been used in an attack through virtual private network (VPN) clients.

Read this

Comment
PGP: Encryption alone no cure for data breaches

In the fight against security breaches, PGP CEO Phil Dunkelberger cautions that encryption by itself is not the answer...

Read more +

"You have unencrypted laptops being lost and they all have VPN clients into the business — that's a bigger risk," said Hart. "You can crack usernames and passwords easily, and usernames and passwords are [usually] the same to access other systems."

The Bank of Ireland spokesperson said there had been no unauthorised attempts to log into the bank's systems, and added that the bank had seen "no evidence of fraudulent activity" on any of the affected customers' accounts.

The spokesperson declined to comment as to whether the bank had changed its VPN clients as a result of the laptop losses but said that it was in the process of implementing encryption on all of its laptops, and that the encryption process would be completed "by the end of the week".

Ireland's data-protection commissioner, Billy Hawkes, has been informed, as well as other regulators, added the spokesperson.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica
Data Breaches

Did you find this article useful?
3 out of 3 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More in this Special Report

The top five internal security threats

The top five internal security threats

It's widely known that internal staff are the biggest threat to IT security, but what specifically should an employer watch out for? more

Keeping mobile data from going walkabout

Keeping mobile data from going walkabout

Mobile email is no longer the preserve of upper management but providing access to company information on the go has its risks more

Lib Dems call for data guardians

Lib Dems call for data guardians

The Liberal Democrats are seeking the introduction of data guardians into the public and private sector, to protect citizens' information rights more

Worker suspended over loss of prisoner data

Worker suspended over loss of prisoner data

An employee at Home Office contractor PA Consulting has been suspended after the loss of a memory stick holding the unencrypted details of every prisoner in England and Wales more

Ministry of Justice reports nine data breaches

Ministry of Justice reports nine data breaches

The ministry reported the data breaches, affecting around 45,000 people, to the Information Commissioner's Office in the last financial year more

Foreign Office reports five data breaches since 2007

Foreign Office reports five data breaches since 2007

The data breaches at the Foreign and Commonwealth Office are thought to have affected less than 188 people in total more

ICO: Gov't ignoring data-sharing hazards

ICO: Gov't ignoring data-sharing hazards

The government is blindly pursuing data-sharing plans without heeding the potential pitfalls, information commissioner Richard Thomas has claimed more

Lords presses government for data-breach law

Lords presses government for data-breach law

The House of Lords has again urged the government to introduce a data-breach notification law, adding that banks should be liable for e-fraud losses more

Video: Get the most out of your data

Video: Get the most out of your data

How do companies deal with information management? Jonathan Steel, CEO of tech-research firm The Bathwick Group, gives insights based on a recent ZDNet.co.uk benchmark survey more

Justice minister urges overhaul of gov't data handling

Justice minister urges overhaul of gov't data handling

Michael Wills has called for the government to handle data transactions as carefully as financial transactions more

MoD announces data-protection action plan

MoD announces data-protection action plan

The ministry has published a plan of how it intends to meet 51 data-policy recommendations made as part of review into the loss of MoD laptops more

Systemic failure blamed for HMRC data loss

Systemic failure blamed for HMRC data loss

Two reports have found the loss by HMRC of 25 million child-benefit claimant details was 'entirely avoidable' more

Featured Oracle Resources

Human Resources Management eBook

Supply Chain Management eBook

Design and Innovation Report

Economist Intelligence Unit Report - Technology and growth at mid-sized companies

See All White Papers

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:







Related Jobs

Accounts Team Manager- International Commercial Bank- Northamptonshire- 35k

CUSTOMER SERVICE & LOGISTICS SPECIALIST

CLIENT SERVICES AGENT

Sentry Posts Blog

The Technological Singularity

Are we approaching a point when machines may wake up and become self or seemingly self aware? Vernor Vinge in 1993 seemed to think so. He refered to this event as the "technological... More

1 comment

Mobile Operating Systems: MOPS At a Gl...

Mobile Operating Systems: At a Glance Author: Eric Everson, Founder MyMobiSafe Since posting my blog exposing the security Google G1 security issue, I have received a few emails... More

Post a comment

Met Police catch test cheats

I saw the funny side of this press release, I can just imagine the two people sitting in the car giving the answers to the questions. Why they had wires running from under the bonnet... More

Post a comment