Woman Asks For One Statement, Gets 75,000
Woman Asks For One Statement, Gets 75,000
January 30, 2007: Poor control over banking statements raises security concerns
In an embarrassing blunder, Halifax Bank of Scotland, has responded to the request for a bank statement by sending 75,000 statements of its other customers. The mail was received by a 22 year old, Stephanie McLaughlan, in Aberdeen.
The unexpected mail was delivered to her door in five large parcels, each containing 500 statements the UK's BBC News reported today.
The package included names, addresses, account details and sort codes of HBOS' customers.
She told reporters that she was surprised about at the lax security HBOS applied to its customer information, and wondered what exactly she had been paying fees to the bank for if this is the end result.
HBOS, which has been in the media over security concerns now for the second time four months, has responded to media saying it was an 'isolated incident'. The other concern raised was over a report by UK security firm, heise, which claimed that HBOS was one of seven banks whose websites had serious security vulnerabilities. Heise had demonstrated the weakness to all seven banks, but HBOS was amongst three that failed to fix the problem. It only did so after heise raised the second alarm. To this HBOS said it was not a flaw that exposed customers to any risk.
To put this figure in perspective, the Privacy Rights Clearinghouse has recently cracked the 100 million mark for lost or stolen records. under California's 1386 bill, Beoing was obligated to report to individuals the loss of 382,000 records via a stolen laptop. No similar law exists in Australia or the UK.