System Glitch Confuses Bank’s Customers
Grupo Santander, a banking firm based in Spain, has reported to the Financial Services Authority (FSA) a system glitch with its printers that led to the distribution of 35,000 bank statements to wrong recipients, risking millions of pounds in fine for the data breach.
The erroneously released bank statements containing personal information of Santander customers, such as name, address, bank details and recent transactions, came after one of the bank’s printers experienced system glitch and produced more or less 35, 000 copies, according to a Santander employee.
The Information Commissioner’s Office said it has been receiving similar instances of report about Santander’s system glitch but added that the bank did not give any official statement regarding the blunder.
Grupo Santander has already confirmed that the system glitch would not affect all its 35, 000 customers whose bank statements were sent to third parties as the printer failure occurred only on December 18. The bank has also vowed to answer questions and calls from the customers affected by the system glitch, even to the extent of refunding any losses that could be incurred from the blunder.
A spokesperson from Grupo Santander said the bank is already taking the problem as its highest priority and will tighten its policies to avoid such incident from taking place again in the future, describing the system glitch as a “one-off incident.”
In November this year, the ICO has handed out its first implementation of regulatory action against several entities that committed data breach. The first case involved Hertfordshire County Council when its employees have disseminated personal data to wrong recipients twice through fax. The second case implicated A4e when an unencrypted laptop containing personal information of 24,000 people that used community legal advice centers in Hull and Leicester has been stolen.
The ICO has already committed to tighten its security rules to send a message to all firms that they cannot get away with their violations against data privacy laws, be it caused by system glitch or human error.