ICO hands Prudential £50,000 data mismanagement fine
Financial services organisation hit with financial penalty after account merger error

British life assurance and financial services firm, Prudential, has been fined 50,000 by the Information Commissioner's office (ICO) for merging two accounts belonging to different customers with the same name.
The organisation took three years to fix the problem, during which time thousands of pounds ended up in the wrong pockets.
The accounts were mistakenly merged in March 2007 as the customers shared much of the same personal information, including first name, surname, and date of birth, but not postal addresses. Despite being told about the error multiple times by the customers affected, Prudential took no action until 2010.
In light of the judgement, Stephen Eckersley, head of enforcement at the ICO, said: "Organisations must make sure the information they hold on their customers' files is accurate and kept up to date in order to comply with the Date Protection Act."
"We hope this penalty sends a message to all organisations, but particularly those in the financial sector, that adequate checks must be in place to ensure people's records are accurate," he added.
Last year the public made more complaints about the way money lenders were handling their information than for any other sector, with almost 15 per cent of the close to 13,000 complaints received by the ICO in the last fiscal year relating to financial services.
Prudential has now improved the training it provides to its staff and updated its processes to ensure the accuracy of customers' records is maintained at all times, the ICO said.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
-
HPE just announced huge changes to its channel programs
News HPE has announced the launch of HPE Partner Ready Vantage, a new unified channel program designed to help partners unlock new growth opportunities.
-
Customer service workers were first on the AI chopping block, but now enterprises are backtracking
News While businesses have been keen on replacing customer service workers with AI, adoption difficulties mean many are now backtracking on plans.
-
Scania admits leak of data after extortion attempt
News Hacker stole 34,000 files from a third-party managed website, trucking company says
-
23andMe 'failed to take basic steps' to safeguard customer data
News The ICO has strong criticism for the way the genetic testing company responded to a 2023 breach.
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuse
News The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victims
News Companies need to treat victims with swift, practical action, according to the ICO
-
LinkedIn backtracks on AI training rules after user backlash
News UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
-
UK's data protection watchdog deepens cooperation with National Crime Agency
News The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
ICO slams Electoral Commission over security failures
News The Electoral Commission has been reprimanded for poor security practices, including a failure to install security updates and weak password policies
-
Disgruntled ex-employees are using ‘weaponized’ data subject access requests to pester firms
News Some disgruntled staff are using DSARs as a means to pressure former employers into a financial settlement