GDPR and Data Security Breach

dinkydong
Posts: 2 Newbie
My wife and I have recently had our banking details made available to a third party allowing and giving the third party complete unadulterated access to our bank accounts along with personal information.
To make matters worse, the Bank informed the third party of the breach in the belief they were contacting me....this came to my attention when the third party contacted me!!!!
Fortunately no financial loss has occurred because of the honest nature of the third party.
The Bank said the error had occurred because our profiles had been merged with the third party.
1. Is this classed as a GDPR breach?
2. What actions can we take against the Bank?
3. Are there guidelines for the amount of compensation we can expect? We have been offered £200 each (£400 total).
4. Is the third party entitled to any compensation or good will gesture from the Bank?
Thank You in anticipation of your replies.
Comments
-
£200 is about right- you could push it to £250-300.
No third party is entitled to zero.
You could also report it to the ICO.
-
Fortunately no financial loss has occurred because of the honest nature of the third party.
Which also mitigates any payment you are likely to get from them.
1. Is this classed as a GDPR breach?
It is a data protection breach. However, a clerical error from a staff member rather than a systemic widespread failure.
2. What actions can we take against the Bank?
Why would you want to take any action? You would incur costs and you are not financially out of pocket. It is just best handled via the complaints process (which they are doing).
3. Are there guidelines for the amount of compensation we can expect? We have been offered £200 each (£400 total).
That is quite a good result. Maximum tends to be £250 on clerical errors resulting in no loss.
4. Is the third party entitled to any compensation or good will gesture from the Bank?
Data protection is very important, but one-off clerical errors are not treated the same way as Facebook breaches. There is an expectation that occasional one-off errors will happen, as you cannot expect perfection when humans are involved.
I am an Independent Financial Adviser (IFA). The comments I make are just my opinion and are for discussion purposes only. They are not financial advice and you should not treat them as such. If you feel an area discussed may be relevant to you, then please seek advice from an Independent Financial Adviser local to you.
-
You should be thanking the person who made the clerical mistake. You have suffered no financial loss and will be receiving an unexpected bonus of £400 pounds.
-
Thank You for your replies.
They echo my thoughts on the situation exactly.
I've been given more extreme advice from some colleagues and acquaintances and therefore needed some ratification as to my own thoughts on the situation.
-
Thank You for your replies.
They echo my thoughts on the situation exactly.
I've been given more extreme advice from some colleagues and acquaintances and therefore needed some ratification as to my own thoughts on the situation.
Unfortunately friends and family are often the worst for advice
-
I just found this thread as the same thing just happened to me. I suggest you contact ICO even if this appears not to be a bulk, wholesale failure. If the ICO receives numerous similar "one off" failures for a particular bank, it would indicate an unacceptable level of incompetence and/or systems failures, in which case the ICO may want to escalate the issue with the bank. Complacency over one-off failures is the thin end of a wedge.
This discussion has been closed.