Bank of Ireland Fined €463,000 Over Data Breaches
Bank of Ireland has been fined 463,000 Euros, (U.S. $504,000) by the Irish Data Protection Commission (DPC) for a number of data breaches from November 2018 to June 2019 affecting customers personal information. The DPC said it investigated the series of data breaches made by the bank, which impacted more than 50,000 customers.
The notifications concern the corruption of information in the Bank of Ireland’s data feed to the Central Credit Register (CCR), a system that stores loan information.
The findings concern the corruption of information as it pertains to Central Credit Register (CCR) regulations, a system that stores loan information. The CCR processes the Bank of Ireland’s data feed. The latter company was fined for a delay in communicating the data breaches with the affected customers. The DPC confirmed that 19 of the reported incidents constitute data breaches under Ireland’s General Data Protection Regulation (GDPR). In addition to the fines, the DPC issued a reprimand and has ordered that the Bank of Ireland comply with data protection regulations in place in the country.
Since the release of information, the Bank of Ireland has said it notified all affected customers and has rectified any inaccurate information as it pertains to the case.
In a statement the bank apologised and said it notified all impacted customers and “rectified the inaccurate information reported to the CCR in all but 20 cases, which will be corrected shortly.” It has also taken measures to improve its ongoing CCR reporting, including error management procedures and a process that enables faster correction of errors.
Bank of Ireland said it “acknowledges and sincerely apologises” for the breaches identified by the DPC and said that it had taken measures to address the failings identified.
“The bank has notified all impacted customers,” it said. “It has rectified the inaccurate information reported to the CCR in all but 20 cases which will be corrected shortly... The bank has engaged fully and proactively with the commission during its inquiry and will continue to do so as it implements these additional measures as quickly as possible.”
Irish Examiner: Compliance Week: Finextra: RTE: Infosecurity Magazine: Oodaloop: DataBeaches:
You Might Also Read:
EU Fines For GDPR Breaches Increase Fivefold: