Nationwide hammered for inadequate security
Careless with customers' data.
By Jeremy Kirk, IDG News Service | Published: 15:50, 14 February 2007
The Financial Services Authority (FSA) has hit the Nationwide building society with a £980,000 fine following the theft of a laptop containing confidential customer information.
The regulator levied the penalty for "failing to have effective systems and controls to manage its information security risks," said the regulator.
Nationwide, which has about 11 million customers, did not realise the laptop contained customer information and waited three weeks before starting an investigation, the FSA said.
Related Articles on Techworld
The laptop was stolen from an employee's home during a burglary in August 2006. The building society believes the thief was after the laptop itself rather than the information on its hard drive.
The data was for marketing purposes and did not contain any PIN numbers, passwords or account balance information, Nationwide said.
Nationwide informed its customers of the problem and no losses were reported, it said. It also commissioned a review of its information security, the FSA said.