January 30, 2007
In an embarrassing blunder, Halifax Bank of Scotland, has responded to
the request for a bank statement by sending 75,000 statements of its
other customers. The mail was received by a 22 year old, Stephanie
McLaughlan, in Aberdeen.
The unexpected mail was delivered to her door in five large parcels,
each containing 500 statements the UK's BBC News reported today.
The package included names, addresses, account details and sort codes of
She told reporters that she was surprised about at the lax security HBOS
applied to its customer information, and wondered what exactly she had
been paying fees to the bank for if this is the end result.
HBOS, which has been in the media over security concerns now for the
second time four months, has responded to media saying it was an
'isolated incident'. The other concern raised was over a report by UK
security firm, heise, which claimed that HBOS was one of seven banks
whose websites had serious security vulnerabilities. Heise had
demonstrated the weakness to all seven banks, but HBOS was amongst three
that failed to fix the problem. It only did so after heise raised the
second alarm. To this HBOS said it was not a flaw that exposed customers
to any risk.
To put this figure in perspective, the Privacy Rights Clearinghouse has
recently cracked the 100 million mark for lost or stolen records. under
California's 1386 bill, Beoing was obligated to report to individuals
the loss of 382,000 records via a stolen laptop. No similar law exists
in Australia or the UK.
Subscribe to InfoSec News