Money home
Money News
Zurich fined £2.3million for losing customer data
Tuesday 24 August 2010By Dominic Welling dominic.welling@consumerchoices.co.uk
Insurance company Zurich has been fined £2.275million by the money regulator for losing its customers’ personal details.
The Financial Services Authority (FSA) has fined the UK branch of Zurich Insurance after it lost the personal details of 46,000 policy holders - including their bank account and credit card information.
The money regulator said that Zurich did not have adequate systems and controls in place to prevent the loss of customers' confidential information.
Margaret Cole, director of enforcement and financial crime at the FSA, said: "Zurich UK let its customers down badly.
“It failed to oversee the outsourcing arrangement effectively and did not have full control over the data being processed by Zurich SA.”
The fine is the highest ever levied on a single firm for data security failings.
According to the FSA, the loss could have exposed customers to the risk of burglary but Zurich said it had seen no evidence to suggest that the personal data was compromised or misused.
| Zurich UK let its customers down badly |
Zurich UK outsources the processing of some of its general insurance customer data to its branch in South Africa (Zurich SA).
In August 2008, Zurich SA lost an unencrypted back-up tape during a routine transfer to a data storage centre.
As there were no proper reporting lines in place Zurich UK did not learn of the incident until a year later.
As Zurich UK agreed to settle at an early stage of the investigation the firm qualified for a 30% discount. Without this discount the firm would have been fined £3.25million.