Nationwide, the UK's largest building society, was fined £1m by the Financial Services Authority yesterday, after the theft of a laptop from the home of one of its employees jeopardised the security of the accounts of its 11 million customers.
The laptop was stolen from the home of a long-standing Nationwide employee last August. But the company did not begin investigating the significance of the theft until three weeks later.
The regulator criticised the building society yesterday for not taking action sooner, and for not having adequate procedures in place to ensure customer information was properly protected.
Although Nationwide eventually conceded that the computer held a considerable amount of confidential customer data, it said the information was not enough to have facilitated identity fraud on its own, and did not include any PINs, passwords, account balance information or memorable data.
Nationwide would not confirm the exact nature of the data on the laptop, claiming it had been advised by the police to limit the level of detail it revealed about the computer.
Margaret Cole, the director of enforcement at the FSA, said: "Nationwide is the UK's largest building society and holds confidential information for over 11 million customers. Nationwide's customers were entitled to rely upon it to take reasonable steps to make sure their personal information was secure."
Nationwide said that both itself and the police believed the computer had been stolen for its intrinsic value as a laptop, rather than for any information contained on it.Reuse content