We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
Domestic & General Data Breach
sir_shad
Posts: 35 Forumite
Hello, i'm not sure if this is the right forum for this post. I've just logged into my Domestic and General account and on my Dashboard where you can usually see all the appliances / plans you have with them, I can see many other active plans. When i click into them, i can download the plan documents which give me names, addresses, bank account holder name, last 4 digits of bank account number, sort code, bank name. This to me seems like a serious data breach. I called them and they said they are working on an issue but apparently nobody else can see my plans. I do not believe that. I can see at least 7 plans for other customers which are not my plans and i can see all of their data for the aforementioned areas. Is there a regulator i can complain to? Not sure what the process here would be.
0
Comments
-
I had similar experience yesterday when I logged into my account. Seemed my account had been merged and I had access to 35 other policies including name and address, dates of birth and bank account details. I called D&G and said they’d investigate and call me back. I checked the ICO procedure and it seems to suggest you must allow D&G to investigate and respond before escalating.1
-
ICO is the escalation point @eskbanker, you have to give the organisation themselves time to deal with the complaint before you can go to the ICO. Any material breach the organisation themselves have to report to the ICO with their action plans and the ICO then decide what level of oversight they wanteskbanker said:
You can forward your complaint to the Information Commissioner's Office, who are responsible for data protection matters within the UK.sir_shad said:Is there a regulator i can complain to? Not sure what the process here would be.0 -
Yes, I should perhaps have expanded on 'forwarding' a complaint to be clearer that it's forwarding an existing complaint, i.e. the one made to the organisation itself, rather than the ICO being the first port of call:DullGreyGuy said:
ICO is the escalation point @eskbanker, you have to give the organisation themselves time to deal with the complaint before you can go to the ICO. Any material breach the organisation themselves have to report to the ICO with their action plans and the ICO then decide what level of oversight they wanteskbanker said:
You can forward your complaint to the Information Commissioner's Office, who are responsible for data protection matters within the UK.sir_shad said:Is there a regulator i can complain to? Not sure what the process here would be.https://ico.org.uk/make-a-complaint/data-protection-complaints/data-protection-complaints/What you'll need
You'll need:
- a copy of the complaint you have made to the organisation about how they have used your information [...]
0 - a copy of the complaint you have made to the organisation about how they have used your information [...]
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.6K Banking & Borrowing
- 254.2K Reduce Debt & Boost Income
- 455.1K Spending & Discounts
- 246.6K Work, Benefits & Business
- 603K Mortgages, Homes & Bills
- 178.1K Life & Family
- 260.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards