Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Banks Dump Credentials in Bin Bags

Posted by ryuzaki0 on from the airing-the-trash dept.

Plutonite writes "BBC news is reporting that several UK banks face 'unlimited fines' for careless handling of sensitive client information. This apparently came after investigators found account details while rummaging through the trash outside the banks involved. In this age of online banking and related security problems, and in light of this scandal, where can we expect to find the greatest threat of ID theft?"

4 of 87 comments (clear)

  1. Re:Laws by James_Duncan8181 · · Score: 4, Informative

    Actually the Data Protection Act is UK law, and makes these fines possible. We have all the protections that USians on /. frequently wish for. From the relevant Act:

    2.1 Regarding the release of personal data to third parties without specific consent (or publication with the same effect), the assumption is that this is not permitted, except where specific exemptions apply. These exemptions now include:

    - where required by law or statutory instrument;

    - where required to prevent or detect crime;

    - where required to assess or collect tax or duty;

    - release to a third party who is sub-contracted to process the data in a way that meets DPA rules.

    2.2 With regard to subject access rights, the data subject is presumed to be entitled to access all personal data held about her/himself that falls under the scope of the new Act, with the following main exemptions (i.e. cases where the controller of the data may decline to release certain data, but must justify doing so):

    - where disclosure unavoidably identifies a third party;

    - where the data was supplied in confidence e.g. references and similar judgements (but please note that examiners' marks and/or comments cannot be assumed to be exempt from disclosure.)

    What else could you want? The Act allows for both civil and criminal penalties, so the banks may well be in for quite the can of whoopass.

    --
    "To any truly impartial person, it would be obvious that I am right."
  2. it aint ever been safe by eneville · · Score: 4, Informative

    time to store all my money under the mattress now.

    its not really easy to get money out the banks though. they open after i start work, close before i finish, they're difficult during the lunch hour. hell, they only people they're accessible to is bank robbers.

    --
    Why UNIX?
  3. hard to say how they do it by v1 · · Score: 3, Informative

    A former manager of mine used to be the IT director at a bank. There, when they upgraded computers, they went out to the dump and had a 'hard drive party". They removed the hard drives from the computers before tossing them in, disassembled them, and beat the platters throughly with hammers, then frisbee'd them into the hole and watched them be coverd up by the dozer.

    I was under the impression that banks always were anal about destruction of customer records.

    The US Navy has an interesting method also. They have these three level shredders. First level does strips. Second level does squares. Thrid level can best be described as "paper dust", it's the consistency of fine sawdust. Then they flush that out below decks directly into the water. Good luck getting that back.

    --
    I work for the Department of Redundancy Department.
  4. Re:Talinkg Points by Rekolitus · · Score: 2, Informative

    You do know you can get debit cards on the VISA network, right?

    I don't know about prepaid, but that's what my bank gave me, and I've never had a situation where it's been rejected online for being a debit card rather than a credit card.