Record Fine For Data Loss

The UK operation of Zurich Insurance has been fined £2.27m by the Financial Services Authority (FSA) for losing personal details of 46,000 customers.

It is the highest fine levied on a single firm for data security failings.

Margaret Cole, the FSA’s director of enforcement and financial crime, said: “Zurich UK let its customers down badly.” Stephen Lewis, chief executive of Zurich UK, said: “This incident was unacceptable.”

The FSA says the loss could have led to serious financial detriment for customers and even exposed them to the risk of burglary.

Zurich UK outsourced the processing of some of its general insurance customer data to Zurich Insurance Company South Africa Limited. In August 2008, Zurich SA lost an unencrypted back-up tape during transfer to a data storage centre but Zurich UK did not learn of the incident until a year later.

By agreeing to settle at an early stage, Zurich received a 30 per cent discount on what would have been a fine of £3.25m.

Utilising encryption such as PGP (Symantec) ensures that data copied to removable media or held on a laptop ensures that in the event of loss or theft the data remains secure. To discuss how Cohort Technology can help provide high security encryption please contact us today on 0845 094 8828.

Read more about the story here