Bupa has been fined £175,000 by the Information Commissioner’s Officer (ICO) for inadequate security measures relating to customer data.
The ICO revealed that between 6 January and 11 March 2017, a Bupa employee was able to extract the personal information of 547,000 Bupa Global customers and offer it for sale on the dark web.
The employee accessed the information via Bupa’s customer relationship management system, known as SWAN. The system holds customer records relating to 1.5m people.
- Gallagher buys Pavey Group
- Professional indemnity rates set to harden
- Fusion sports team moves into Geo Specialty after Ardonagh sale
- Opinion: Peter Cullum on the value of consolidation
- Brightside targeting £250m GWP within five years
- Aviva aims to disrupt the market with new subscription-style product
- The Blog Spot: Solving dual pricing with three figures