By Miya Knights and Rene Millman
14th September 2007
UK online loans company, Loans.co.uk has said it suffered a security
breach that has resulted in customer details being passed to other loan
companies without authorisation.
The company said it recently learned of the breach and has contacted
affected customers, although it would not say how many were affected. It
did say sensitive information including names, addresses and dates of
birth was compromised however.
"We have no evidence to suggest that this information has been used for
any purpose other than marketing activity," said the company in a
statement. "The individuals are people who applied to us for a loan, but
we are not aware of any existing customers' details being provided."
The company has offered customers involved a year's free subscription to
credit reference agency, Credit Expert so they might check if any
fraudulent claims or applications are made using their details.
The Watford-based company refused to give any further details on the
nature of the breach, instead saying the matter had been passed onto
local Hertfordshire police and Information Commissioner's Office (ICO)
for further investigation.
Industry commentators said that this latest breach was a wake-up call to
businesses and should make them adopt stricter measures and working
practices to protect confidential data.
"Companies that fail to meet the requirements of the Data Protection
Act, not only face the threat of action from the Information
Commissioner, but also run the risk of losing the trust and confidence
of their customers," said Paul Skinner, senior ICT underwriting
specialist at Chubb Insurance.
Skinner said that ICO has made it clear that breaches are unacceptable
and that violations are likely to result in criminal prosecution in the
"With the ICO calling for stronger powers, this is likely to become an
increasingly common scenario, especially if legislation makes it
compulsory for companies to give notification of a breach," he said.