Are your bank details being sold on eBay?

How much should the details of a million banking customers cost? Well, if you’re looking for it on eBay maybe £35 is about right.

According to many media reports this morning, highly sensitive information on banking customers was found on computer hardware sold on eBay.

Details of American Express, NatWest and Royal Bank of Scotland customers was stored on the hard drive, including names and addresses, mobile phone numbers, bank account numbers, sort codes, credit card numbers, mothers’ maiden names and even signatures.

Graphic Data, an archiving firm who scan and digitise paperwork from some of the UK’s largest financial organizations, were holding the banking information. A former employee of the firm appears to have sold the hardware storing the data on eBay, resulting in the security breach.

Sign up to our free newsletter.
Security news, advice, and tips.

British banking customers will be wiping the sweat off their brows this morning as the data appears not to have fallen into the lap of an identity thief, but ended up with an honest man from Oxford.

However, there have also been reports that a second computer may have been lost.

Banks and financial institutions have a legitimate requirement to store lots of information about us – information which is normally well protected from identity thieves and criminals dead set on plundering our accounts. But when they use third party organizations to help them archive and secure their data, they (and indeed all of us) need to be confident that the information will be treated with the utmost security, and not fall into the wrong hands.

The banks concerned must be fuming this morning at Graphic Data’s apparently lackadaisical attitude to their customers’ data, and will no doubt be asking some tough questions.

* Image source: Liewcf’s Flickr photostream (Creative Commons 2.0)


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.