Tweet
The Information Commissioner’s Office (ICO) has issued a £180,000 civil monetary penalty to The Money Shop, after the short term lender lost computer servers containing details of several thousand customers. In two separate incidents reported to the regulator, one server was stolen from the company’s branch in Lurgan, Northern Ireland and a month later a second server was lost by a courier firm in Swindon. The ICO said neither server had sufficient encryption systems for the company to be confident that the information they contained could not be accessed. The servers, which have still not been recovered, held large numbers of local and national customer records and employee details.
The company’s procedure was that servers should be stored in a separate locked room. But an ICO investigation found that the Lurgan store, and a significant number of other Money Shop branches, didn’t have separate rooms that could be used in this way. The company also had a widespread practice of regularly transporting unencrypted servers between its head office in Nottingham and its branches nationally and old customer records were not being deleted. ICO’s head of enforcement Steve Eckersley said: “Customers of The Money Shop entrusted the company with their personal and financial details with the expectation that the information would be kept safely and securely.....Read more here
- Hi & Welcome to the AAD Consumer Forum
We're a FREE consumer debt and legal forum offering help, support and debate in many areas of day-to-day life. You will need to Register a Free Account before you can join in with the discussion and contribute with your own posts. Remember to also check out the FAQ's so you can get to grips with how the forum works ready to start posting your new topics. Read about the new GDPR 2018 Rules and how it affects you as a member of AAD.