Building society on alert after laptop theft

Yorkshire Building Society said today that it was taking steps to improve its data security after an unencrypted laptop containing customers' details was stolen.

The laptop, which contained a substantial part of Chelsea Building Society's customer database, was stolen from the group's office in Cheltenham, Gloucestershire, on April 19 this year, shortly after the two mutuals had merged.



It was recovered within 48 hours after Yorkshire hired private investigators to assist police in tracking it down.



Forensic computer experts said none of the data on the computer had been accessed during the time it was missing, although there had been several attempts to do so.



The laptop had been used by a Chelsea employee who was working from home. The worker returned it to a manager, who then returned it to Chelsea's former head office in Cheltenham.



It was later discovered that the manager had written down the passwords to the computer and left them in a bag with the laptop under a desk overnight.



The Information Commissioner's Office (ICO) said today that it had found Yorkshire Building Society in breach of the Data Protection Act over the incident.



Mick Gorrill, head of enforcement at the ICO, said: "It is extremely concerning that an unencrypted laptop containing large amounts of personal data was left unsecured overnight, together with details of its passwords.



"What's more, the fact that the employee did not require all the information to carry out the task in hand created an unnecessary risk which could easily have been avoided."



But he added that Yorkshire had taken "prompt and effective action" to prevent a similar incident happening again.



Yorkshire said the incident happened shortly after it had completed its merger with the Chelsea on April 1, when it was still rolling out its "more rigorous security procedures" to the society.



The group has agreed to take a number of steps to improve its data security, including that all portable devices, such as laptops, are encrypted, a measure which is already in place at the Yorkshire, and that all staff are aware of the company's policies for the storage and use of personal data.



Staff will also only be given access to the type and amount of personal data necessary for their work.



A Yorkshire Building Society spokeswoman said: "Yorkshire Building Society takes its duty of care to its members very seriously and was in the process of rolling out the Yorkshire's more rigorous security procedures to the Chelsea at the time of the theft.



"The society took immediate and appropriate remedial action and, as the Information Commissioner's Office has acknowledged, there has been a full review of data security with new safeguards put in place to prevent a repeat of this incident."



Earlier this week Zurich Insurance was fined £2.28 million by the Financial Services Authority after losing personal details on 46,000 policyholders.



The data loss occurred in August 2008 when the South African branch of the company lost an unencrypted back-up tape during a routine transfer to a data storage centre, but Zurich UK did not learn about the incident until a year later.



The regulator has previously fined Nationwide £980,000 for data security failings after a laptop containing customer details was stolen from an employee's home.

Start your day with The Independent, sign up for daily news emails
Latest stories from i100
Have you tried new the Independent Digital Edition apps?

Day In a Page

HIV pill: Scientists hail discovery of 'game-changer' that cuts the risk of infection among gay men by 86%

Scientists hail daily pill that protects against HIV infection

Breakthrough in battle against global scourge – but will the NHS pay for it?
How we must adjust our lifestyles to nature: Welcome to the 'Anthropocene', the human epoch

Time to play God

Welcome to the 'Anthropocene', the human epoch where we may need to redefine nature itself
MacGyver returns, but with a difference: Handyman hero of classic 1980s TV series to be recast as a woman

MacGyver returns, but with a difference

Handyman hero of classic 1980s TV series to be recast as a woman
Tunnel renaissance: Why cities are hiding roads down in the ground

Tunnel renaissance

Why cities are hiding roads underground
'Backstreet Boys - Show 'Em What You're Made Of': An affectionate look at five middle-aged men

Boys to men

The Backstreet Boys might be middle-aged, married and have dodgy knees, but a heartfelt documentary reveals they’re not going gently into pop’s good night
Crufts 2015: Should foreign dogs be allowed to compete?

Crufts 2015

Should foreign dogs be allowed to compete?
10 best projectors

How to make your home cinema more cinematic: 10 best projectors

Want to recreate the big-screen experience in your sitting room? IndyBest sizes up gadgets to form your film-watching
Manchester City 1 Barcelona 2 player ratings: Luis Suarez? Lionel Messi? Joe Hart? Who was the star man?

Manchester City vs Barcelona player ratings

Luis Suarez? Lionel Messi? Joe Hart? Who was the star man at the Etihad?
Arsenal vs Monaco: Monaco - the making of Gunners' manager Arsene Wenger

Monaco: the making of Wenger

Jack Pitt-Brooke speaks to former players and learns the Frenchman’s man-management has always been one of his best skills
Cricket World Cup 2015: Chris Gayle - the West Indies' enigma lives up to his reputation

Chris Gayle: The West Indies' enigma

Some said the game's eternal rebel was washed up. As ever, he proved he writes the scripts by producing a blistering World Cup innings
In Ukraine a dark world of hybrid warfare and murky loyalties prevails

In Ukraine a dark world of hybrid warfare

This war in the shadows has been going on since the fall of Mr Yanukovych
'Birdman' and 'Bullets Over Broadway': Homage or plagiarism?

Homage or plagiarism?

'Birdman' shares much DNA with Woody Allen's 'Bullets Over Broadway'
Broadchurch ends as damp squib not even David Tennant can revive

A damp squib not even David Tennant can revive

Broadchurch, Series 2 finale, review
A Koi carp breeding pond, wall-mounted iPads and a bathroom with a 'wellness' shower: inside the mansion of Germany's 'Bishop of Bling'

Inside the mansion of Germany's 'Bishop of Bling'

A Koi carp breeding pond, wall-mounted iPads and a bathroom with a 'wellness' shower