Thousands of Lloyds Premier Customers Hit by Data Breach

Over 10,000 Lloyds Bank Premier Account holders are at risk of identity theft after their personal details were stolen by hackers.

The data went missing on a storage device taken in July from insurer Royal Sun Alliance (RSA), which provides emergency home cover to the £25-per-month account customers.

The breach affects those who made a claim between 2006 and 2012, according to the Daily Telegraph.

In a brief notice on its website last week, RSA apologized, claiming it had informed its regulators and was in the process of contacting affected customers.

“Unfortunately a data storage device has been reported as stolen from one of our data centers,” it said.

“We are working with the police on a full investigation and although there is no evidence to suggest that this data has been misused in any way, we are offering identity protection with Cifas for two years to provide reassurance to these customers.”

The insurer added that the incident “should never have happened” and revealed that the stolen storage device contained names and addresses, bank account and sort code details.

A statement sent to the paper from the Financial Conduct Authority (FCA) said the watchdog was liaising with the affected firms to ensure customers are protected.

“We will also work with them to look at the root causes of the data loss, since we expect all regulated firms to have adequate systems and controls in place so that customers’ data is not left at risk,” it added.

new report from Gemalto last week claimed that the UK saw more data breaches in the first half of the year than any other European nation. There were 63 reported incidents in 1H 2015 as opposed to just eight in second placed Germany and six in the Netherlands.

However, despite the high tally, just 8.3 million records were exposed in these breaches – only 3.4% of the global total. By comparison, the US accounted for 49% of all compromised records globally.

With no breach disclosure laws until the coming European General Data Protection Regulation is enacted, it’s likely the scale of the problem in the UK and across the region will remain unknown.

What’s Hot on Infosecurity Magazine?