Bank of Ireland Fined €463,000 Over Data Breaches

Bank of Ireland has been fined 463,000 Euros, (U.S. $504,000) by the Irish Data Protection Commission (DPC) for a number of data breaches from November 2018 to June 2019 affecting customers personal information. The DPC said it investigated the series of data breaches made by the bank, which impacted more than 50,000 customers.   

The notifications concern the corruption of information in the Bank of Ireland’s data feed to the Central Credit Register (CCR), a system that stores loan information.

The findings concern the corruption of information as it pertains to Central Credit Register (CCR) regulations, a system that stores loan information. The CCR processes the Bank of Ireland’s data feed. The latter company was fined for a delay in communicating the data breaches with the affected customers. The DPC confirmed that 19 of the reported incidents constitute data breaches under Ireland’s General Data Protection Regulation (GDPR). In addition to the fines, the DPC issued a reprimand and has ordered that the Bank of Ireland comply with data protection regulations in place in the country. 

Since the release of information, the Bank of Ireland has said it notified all affected customers and has rectified any inaccurate information as it pertains to the case.

In a statement the bank apologised and said it notified all impacted customers and “rectified the inaccurate information reported to the CCR in all but 20 cases, which will be corrected shortly.” It has also taken measures to improve its ongoing CCR reporting, including error management procedures and a process that enables faster correction of errors.

Bank of Ireland said it “acknowledges and sincerely apologises” for the breaches identified by the DPC and said that it had taken measures to address the failings identified.

“The bank has notified all impacted customers,” it said. “It has rectified the inaccurate information reported to the CCR in all but 20 cases which will be corrected shortly... The bank has engaged fully and proactively with the commission during its inquiry and will continue to do so as it implements these additional measures as quickly as possible.”

Irish Examiner:     Compliance Week:    Finextra:    RTE:   Infosecurity Magazine:    Oodaloop:     DataBeaches

You Might Also Read: 

EU Fines For GDPR Breaches Increase Fivefold:

 

« Cyber Security: GCHQ's Director Speaks Out
Finland Hit By Cyber Attacks »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Waterfall Security Solutions

Waterfall Security Solutions

Waterfall Security is focused on protecting critical infrastructure and industrial control systems from remote online cyber attacks,

Pyramid Computer

Pyramid Computer

Pyramid Computer provides custom enterprise solutions for Industrial PC, Imaging, Network, Security, POS, Indoor Positioning and Automation.

Teradata

Teradata

Teradata is a leading provider of enterprise big data analytics and services. Applications include Cyber Security Analytics.

Gigasoft

Gigasoft

Gigasoft provide secure online data backup & cloud backup services for the education sector and businesses.

Computer Forensic Services

Computer Forensic Services

Computer Forensic Services are digital evidence specialists. Practice areas include Information Security, e-Discovery, Law Enforcement Support and Litigation.

Canadian Institute for Cybersecurity (CIC)

Canadian Institute for Cybersecurity (CIC)

The Canadian Institute for Cybersecurity (CIC) is a comprehensive multidisciplinary training, research and development, and entrepreneurial unit.

CopSonic

CopSonic

Copsonic provide a technology solution based on ultrasonic waves to send secure and encrypted data between two devices in order to achieve authentication.

Safe Security

Safe Security

Safe Security (formerly Lucideus) provides Cyber risk assessment services and platforms to multiple Fortune 500 companies and governments across the globe.

Elpha Secure

Elpha Secure

Elpha Secure provides a comprehensive cybersecurity solution, combining technology and insurance to protect against cyber threats.

Stanley Reid & Company (SRC)

Stanley Reid & Company (SRC)

Stanley Reid & Co is an Executive and Technical Search Firm serving the commercial market and the US Intelligence & Defense community. Our areas of expertise include Cybersecurity.

IP2Location

IP2Location

IP2Location provide services to identify geolocation by IP address, and to detect IP addresses associated with anonymous proxy servers, which are often used for fraud and spamming purposes.

Ultra Intelligence & Communications (Ultra I&C)

Ultra Intelligence & Communications (Ultra I&C)

Ultra Intelligence & Communications provides critical, tactical capabilities that inform decision making in the most challenging environments.

LiveAction

LiveAction

LiveAction provides end-to-end visibility of network and application performance from a single pane of glass.

Swiss Cyber Institute (SCI)

Swiss Cyber Institute (SCI)

The Swiss Cyber Institute is a registered cyber security education provider by the State Secretariat for Education, Research, and Innovation SERI.

AUCyber

AUCyber

AUCyber is a leading provider of managed cyber security solutions and consultancy services, specialising in supporting Australian organisations and Government agencies.

Cyber Command Pvt Ltd

Cyber Command Pvt Ltd

Cyber Command is your one-stop Cyber Security Service Provider, dedicated to delivering customized cybersecurity solutions that safeguard businesses from today's complex threat landscape.