We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
Barclaycard - Breach of personal data
gawuffy
Posts: 5 Forumite
in Credit cards
I have a Barclaycard Visa account, having been an old Egg credit card holder when they transferred their customers across.
With a small balance outstanding on the card at the time of transfer, Barclaycard didn't issue me with a new card but instead left me to pay off the balance in monthly installments. Happy with the arrangement, I've never needed to contact Barclaycard - until today.
Last weekend I received a letter from Barclaycard, thanking me for getting in touch and advising that the PPI on my account had been cancelled as requested.
Confused, I mentioned it in passing to my younger brother who revealed that he had contacted Barclaycard about his old Egg card to cancel the PPI a couple of weeks earlier, but had never heard anything back.
I was concerned that using only basic security details such as postcode and mothers' maiden name (as we both lived at the same address when we took out the cards, this would have been the same), could Barclays have let my brother access my account instead?
A phone call this morning suggests that they've done just that, and have raised an internal complaint to investigate urgently.
Am I wrong to be angry? I can't really believe that breach like this could happen so easily. Is this something I should be reporting to the FSA? Should I be seeking an apology, or more?
Has anyone had any similar experiences? Any views would be welcome...
With a small balance outstanding on the card at the time of transfer, Barclaycard didn't issue me with a new card but instead left me to pay off the balance in monthly installments. Happy with the arrangement, I've never needed to contact Barclaycard - until today.
Last weekend I received a letter from Barclaycard, thanking me for getting in touch and advising that the PPI on my account had been cancelled as requested.
Confused, I mentioned it in passing to my younger brother who revealed that he had contacted Barclaycard about his old Egg card to cancel the PPI a couple of weeks earlier, but had never heard anything back.
I was concerned that using only basic security details such as postcode and mothers' maiden name (as we both lived at the same address when we took out the cards, this would have been the same), could Barclays have let my brother access my account instead?
A phone call this morning suggests that they've done just that, and have raised an internal complaint to investigate urgently.
Am I wrong to be angry? I can't really believe that breach like this could happen so easily. Is this something I should be reporting to the FSA? Should I be seeking an apology, or more?
Has anyone had any similar experiences? Any views would be welcome...
0
Comments
-
When you say brother contacted them - how was this? by phone? and what information did he give them?
Did he provide his account number? presumably he gave his full name? did they ask for his date of birth? did he provide current address details? Is your card still registered to your mothers address or is it now registered elsewhere?
Did they actually tell him anything with regards to your account? Did they mention the balance for example?A smile enriches those who receive without making poorer those who giveor "It costs nowt to be nice"0 -
He contacted them by phone, not knowing his account number he answered the security questions and was patched through to my account instead of his.
I believe they did give him some account details, need to confirm with him exactly what. PPI was cancelled on the account as he attempted to make a claim on the PPI on his account.
Either way, hard to believe that an error like this would be so easily made!0 -
Is it a twin brother? (ie same DoB?) How similar are your names? Do you still have the two cards registered to the same address?
Obviously they need to review what has happened and ideally they'll be able to listen to the call. It is certainly possible for human error to result in mistakes being made, especially when you consider call centre operators using second lanuages.
What is more important isnt so much that the mistake is made, they will always happen, but how well they manage sorting it out.
You obv also need to be sure your bro didnt actually access your account intentionally to do you the favour of cancelling your PPI for you or such before kicking off too much0 -
I have a Barclaycard Visa account, having been an old Egg credit card holder when they transferred their customers across.
With a small balance outstanding on the card at the time of transfer, Barclaycard didn't issue me with a new card but instead left me to pay off the balance in monthly installments. Happy with the arrangement, I've never needed to contact Barclaycard - until today.
Last weekend I received a letter from Barclaycard, thanking me for getting in touch and advising that the PPI on my account had been cancelled as requested.
Confused, I mentioned it in passing to my younger brother who revealed that he had contacted Barclaycard about his old Egg card to cancel the PPI a couple of weeks earlier, but had never heard anything back.
I was concerned that using only basic security details such as postcode and mothers' maiden name (as we both lived at the same address when we took out the cards, this would have been the same), could Barclays have let my brother access my account instead?
A phone call this morning suggests that they've done just that, and have raised an internal complaint to investigate urgently.
Am I wrong to be angry? I can't really believe that breach like this could happen so easily. Is this something I should be reporting to the FSA? Should I be seeking an apology, or more?
Has anyone had any similar experiences? Any views would be welcome...
Play your cards right and may get a good earner out of this.0 -
An update - a week after my call, Barclaycard replied with a (stock) letter thanking me for getting in touch and advising that I could expect a response by 20th June. Come 20th June I've received another stock letter suggesting that I'll now receive a reply by 18th July.
I'm not sure what investigation takes up to eight weeks to carry out, so I'll be giving them a call on Monday...0 -
An update - a week after my call, Barclaycard replied with a (stock) letter thanking me for getting in touch and advising that I could expect a response by 20th June. Come 20th June I've received another stock letter suggesting that I'll now receive a reply by 18th July.
I'm not sure what investigation takes up to eight weeks to carry out, so I'll be giving them a call on Monday...
8 weeks is the timeframe they're allowed to respond to you. If you're not happy then you can go to the FOS with your complaint, but i'd wait for their response first if i were you.0 -
You can't go to the FOS until either the 8 weeks is up or the investigation has concluded (if that's earlier) - well, you can, but they'll reject your complaint.0
-
I didn't know it could take that long, so will wait and let Barclaycard complete their investigation. Thanks for the advice, everyone.0
-
I'm not sure what investigation takes up to eight weeks to carry out, so I'll be giving them a call on Monday...
I agree. For something of this nature, it shouldn't take 8 weeks.
Personally I wouldn't get hot under the collar about this. Sounds like some sort of postcode + surname lookup that went wrong. Some years ago my sister managed to get a debit card linked to my current account. What was annoying that it took 3 complaints from me to sort it out. Each time they just "took my word for it" and refunded the disputed amount. Only later did they realise what was happening and correct the problem. A backlog of transactions hit my sister's account and in true banking style they never wrote to her to apologise/warn her.
A failure of "systems and controls" in regulatory parlance. Institutions are supposed to identify complaints that could indicate systemic failure and act to prevent recurrence (and in some cases self-report to regulators).0 -
Interesting update on this - Barclaycard have now come back to me with their final response on the matter. They've apologised for the cancelling of PPI on my account, re-instated it (interesting as I didn't ask for that, and PPI is my next task), and blamed it on operator error.
The reply noted my concerns that the account's security had been breached, and confirmed that after 'listening to the call' this is not the case. Interesting as I now have a copy of my brother's itemised phone bill that shows he called them on that day.
In fairness, the customer support team at Barclaycard were helpful but haven't been able to give me a satisfactory reply, so I've referred the case to the Financial Ombudsman (who in turn have advised I also talk to the Information Commissioner's Office).
The plot thickens...0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 349.7K Banking & Borrowing
- 252.6K Reduce Debt & Boost Income
- 452.9K Spending & Discounts
- 242.6K Work, Benefits & Business
- 619.3K Mortgages, Homes & Bills
- 176.3K Life & Family
- 255.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards