The Nationwide Building Society has been fined a staggering £980,000 by the Financial Services Authority (FSA) for poor information security controls relating to a stolen laptop.
An FSA investigation into the theft of the laptop from a Nationwide employee’s home last year found that Nationwide failed to have “effective systems and controls to manage its information security risks”. The FSA referred to its decision as a “clear, strong message to all firms about the importance of information security”.
The fine would have been £1.4m but because Nationwide co-operated fully and settled early, it qualified for a 30 per cent discount.
The FSA claimed that the poor security measures left Nationwide's customers potentially open to financial crime. Even worse, Nationwide admitted that it had not known the laptop contained confidential customer information, and that it failed to start an investigation until three weeks after the theft.
“Nationwide is the UK's largest building society and holds confidential information for over 11 million customers,” said Margaret Cole, director of enforcement at the FSA.
“Nationwide's customers were entitled to rely upon it to take reasonable steps to make sure their personal information was secure. Firms' internal controls are fundamental in ensuring customers' details remain as secure as they can be and, as technology evolves, firms must keep their systems and controls up to date to prevent lapses in security.”
Philip Williamson, Nationwide's chief executive, said: “We have extensive security procedures in place, but in this isolated incident our systems of control were found wanting. We have made changes to fill the gap and improve our procedures further.”