A Halifax building society employee last week had data on 13,000 mortgage customers stolen from their car. Halifax is now writing to each of these customers promising they will cover the cost of any fraudulent activity that results. The Financial Services Authority, after in February fining Nationwide building society almost £1m for a similar breach, is investigating.
I do hope the laptop disk concerned was encrypted. But why do financial services institutions persist in allowing employees to take massive collections of personal data home on laptops? And why is financial services the only sector where data breaches are taken seriously? If only the Information Commissioner's Office would take similar action to the FSA.