Bank of Ireland today (Monday 28 April 2008) issued an update on the laptops stolen from its Life business.
Bank of Ireland again apologises to customers for this very regrettable incident.
This update includes:
- Details of the completion of the technical part of the investigation
- The planned customer communications programme
- Further steps taken to enhance data security
The technical investigation has identified that details relating to 31,500 policies, policy applications and a small number of mortgage customers were contained on the stolen laptops. The additional numbers arise from the identification of further files not identified at the time of the original statement on the incident issued on Monday 21 April.
We engaged KPMG to review the comprehensive process which we undertook to determine the extent of customer data held on the four laptops and they are satisfied that the approach was both reasonable and appropriate.
The Bank has briefed the Financial Regulator and the Office of the Data Protection Commissioner on the latest developments and will be cooperating fully with the investigation of the Data Protection Commissioner.
Customers from additional branches affected include Bray, Ardee, Arva, Ashbourne, Athboy, Cavan, Bailieborough, Cootehill, Ballybay, Dunboyne, Carrickmacross, Ballyjamesduff, Oldcastle, Kells, Navan, Trim, Kill O’The Grange, Blackrock, Dun Laoghaire, Talbot Street, Greystones and Kingscourt.
In addition, a handful of branches had a very small number of people affected who will be contacted directly.
Customer Communications Programme
- Letters are issuing to customers outlining the type of personal data that was contained on the computer in relation to them. For security reasons, the details will not be included but these will be provided to each customer if requested.
- A dedicated free phone number has now been set up on 1800 365 100 and the lines are open from 9.00 a.m. – 6.00 p.m. Monday to Friday.
- Customers may request, by contact with staff at this number, that the exact details of the information relating to them be sent by post.
- The risk assessment has concluded that the risk of fraud arising from the theft of the information on these laptops is very low. The data on the laptops did not include bank account passwords, PIN numbers or copies of signatures.
- In the unlikely event of a fraud arising as a direct result of the theft of these laptops, the customer will be fully compensated.
- All Bank of Ireland Life laptops are now encrypted and all laptops in the Group will be encrypted by end May 2008.
- Dedicated staff are available to handle customer queries on the free phone number provided.
- Letters are issuing to all impacted customers starting today.
- Monitoring of additional accounts identified in the past week for fraudulent and suspicious activity has been completed and no evidence of fraudulent activity arising from this incident has been found.
- A full report on the investigation when completed will be issued to the Financial Regulator and the Data Protection Commissioner’s Office.
- The Group’s Internal Audit department is carrying out an investigation.
Media Relations Manager
Group Corporate Communications
Ph. 01 – 604 3836 or 087 246 0358