Zurich Insurance slammed with £2.28 million fine for losing customer data

Graham Cluley
Graham Cluley
@[email protected]

Zurich Insurance slammed with £2.28 million fine for losing customer data

The UK branch of Zurich Insurance has been fined a whopping £2.28 million after losing details of 46,000 customers.

The fine, imposed by the Financial Services Authority (FSA), comes as a result of Zurich Insurance losing customers’ confidential information when an unencrypted backup tape went missing during its transfer to a data storage centre in South Africa in August 2008.

Lost records included details of customers’ identities, and in some cases bank account and credit card information, and other financial information. Questions must be asked as to why this sensitive data was not encrypted at the very least.

Sign up to our free newsletter.
Security news, advice, and tips.

The FSA said it was was the highest fine it had yet imposed for a data security foul-up.

The only silver lining is that no evidence has been uncovered that the lost data has been misused by identity thieves, and Zurich Insurance says it has introduced new security measures since the security incident.

BBC News reports that Zurich Insurance could have faced an even tougher penalty if it had not agreed to settle at an early stage of the FSA’s investigation. That settlement reduced the fine by 30%, from a possible £3.25 million.

If figures like that make your eyes water, make sure that you are taking steps now to protect the sensitive data that your company holds. All organisations need to take the necessary measures to avoid data breaches, and protect the potential victims of data loss.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.