Bupa has been fined £175,000 by the Information Commissioner’s Officer (ICO) for inadequate security measures relating to customer data.
The ICO revealed that between 6 January and 11 March 2017, a Bupa employee was able to extract the personal information of 547,000 Bupa Global customers and offer it for sale on the dark web.
The employee accessed the information via Bupa’s customer relationship management system, known as SWAN. The system holds customer records relating to 1.5m people.
- FCA warns on clone of Ellis David Insurance Brokers
- InsurTech Futures: Ex-Brokerbility and Aviva expert targets on-demand market
- FCA issues another clone broker warning
- Miller buys Alston Gayler and Co
- Blog: Does your board meet FCA standards?
- Podcast: Certus' Ben Welsh looks at the top five stories of the week
- Axa XL to move EU arm to Dublin