Bank of Ireland Fined €463,000 Over Data Breaches

Uploaded on 2022-04-11 in FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-Financial

Bank of Ireland has been fined 463,000 Euros, (U.S. $504,000) by the Irish Data Protection Commission (DPC) for a number of data breaches from November 2018 to June 2019 affecting customers personal information. The DPC said it investigated the series of data breaches made by the bank, which impacted more than 50,000 customers.   

The notifications concern the corruption of information in the Bank of Ireland’s data feed to the Central Credit Register (CCR), a system that stores loan information.

The findings concern the corruption of information as it pertains to Central Credit Register (CCR) regulations, a system that stores loan information. The CCR processes the Bank of Ireland’s data feed. The latter company was fined for a delay in communicating the data breaches with the affected customers. The DPC confirmed that 19 of the reported incidents constitute data breaches under Ireland’s General Data Protection Regulation (GDPR). In addition to the fines, the DPC issued a reprimand and has ordered that the Bank of Ireland comply with data protection regulations in place in the country. 

Since the release of information, the Bank of Ireland has said it notified all affected customers and has rectified any inaccurate information as it pertains to the case.

In a statement the bank apologised and said it notified all impacted customers and “rectified the inaccurate information reported to the CCR in all but 20 cases, which will be corrected shortly.” It has also taken measures to improve its ongoing CCR reporting, including error management procedures and a process that enables faster correction of errors.

Bank of Ireland said it “acknowledges and sincerely apologises” for the breaches identified by the DPC and said that it had taken measures to address the failings identified.

“The bank has notified all impacted customers,” it said. “It has rectified the inaccurate information reported to the CCR in all but 20 cases which will be corrected shortly... The bank has engaged fully and proactively with the commission during its inquiry and will continue to do so as it implements these additional measures as quickly as possible.”

Irish Examiner:     Compliance Week:    Finextra:    RTE:   Infosecurity Magazine:    Oodaloop:     DataBeaches

You Might Also Read: 

EU Fines For GDPR Breaches Increase Fivefold:

 

« Cyber Security: GCHQ's Director Speaks Out
Finland Hit By Cyber Attacks »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

IT Security Guru

IT Security Guru

IT Security Gurus publish daily breaking news. interviews with the key thinkers in IT security, videos and the top 10 stories as picked by our Editor.

Teradata

Teradata

Teradata is a leading provider of enterprise big data analytics and services. Applications include Cyber Security Analytics.

Inceptus

Inceptus

Inceptus is a next generation Managed Security Service Provider (MSSP). We are dedicated to keeping our customers safe, secure and protected while doing business on the Internet.

Netsurion

Netsurion

Netsurion powers secure and agile networks for highly distributed and small-to-medium enterprises and the IT providers that serve them.

TriagingX

TriagingX

TriagingX successfully created the first generation malware sandbox that is being used by many Fortune 500 companies for daily malware analysis.

L3Harris Technologies

L3Harris Technologies

L3Harris Technologies is a global aerospace and defense technology innovator, delivering solutions to meet mission-critical needs across air, land, sea, space and cyber domains.

Boeing

Boeing

Boeing is the world's largest aerospace company and leading manufacturer of commercial jetliners, defense, space and security systems.

EnigmaSoft

EnigmaSoft

EnigmaSoft is known for its PC anti-malware remediation utility and service under the tradename SpyHunter.

Capgemini

Capgemini

Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. Areas of expertise include Cybersecurity.

VENZA

VENZA

VENZA is a data protection company that can help organisations mitigate their vulnerabilities and ensure compliance, keeping guests and their data safe from breaches.

SafeBase

SafeBase

Safebase provide the infrastructure for Trust Communication. Our Trust Center enables Security and Sales teams to share and automate access to security, compliance, and privacy information.

at-yet (@-yet)

at-yet (@-yet)

at-yet are an interdisciplinary team of experts. We are all about achieving results, whatever the situation – an acute incident, risk minimisation, safeguarding or data protection.

Prequel

Prequel

Prequel is your real-time problem detection and resolution platform, powered by the global reliability community.

RevEng.AI

RevEng.AI

RevEng.AI is designed to rigorously validate the integrity of software supply chains at a binary level, ensuring uncompromising security and trustworthiness in digital ecosystems.

Whisper

Whisper

Whisper was built to shift cybersecurity from reactive to predictive. Our mission is to stop cybercrime by helping organizations anticipate threats before damage occurs.

SentryOT

SentryOT

SentryOT's platform provides holistic visibility across all areas of your process & control infrastructure, ensuring that security and operations work hand in hand.