Identity fraud has increased adding to fears over financial personal data
Personal financial details were listed on the hard disc of a computer reportedly sold on the auction website eBay.
Information relating to credit card applications by millions of customers - said to include account details, signatures, mobile phone numbers and family details - were contained on the computer.
Royal Bank of Scotland, one of the businesses involved, has said it is looking into the case as a matter of urgency.
This is the latest in a series of embarrassing data losses involving major financial institutions, forcing them to tighten procedures.
Security experts said too many employees were not aware of the risks involved in transferring sensitive data to portable devices such as memory sticks.
"An organisation's data is often its most important asset," said Alastair Broom, security director at Dimension Data, "yet organisations rarely have adequate visibility or control of their data".
He said firms needed to change the way their staff handle data as well as investing in software capable of controlling its movement off internal computer networks.
"The starting point is developing a robust security policy and ensuring that all employees fully understand their role and obligations in support of it through internal training and communication."
Below are some of the worst examples of recent security breaches.
In 2007, a laptop from a Nationwide employee's home containing confidential customer data was stolen.
Eleven million Nationwide customers were said to be at risk of identity crime at the time.
The Financial Services Authority said security was not up to scratch after the Nationwide employee had put details of nearly 11 million customers on his computer.
The FSA also found that the Nationwide did not start an investigation until three weeks after the theft occurred.
The firm was fined £980,000 by the City watchdog for security breaches.
The HSBC banking group lost a disc which contained details of some 370,000 customers from its Southampton office.
The disc was lost after being sent by courier from the bank's life insurance offices in Southampton.
Customers names, dates of birth, and their levels of insurance cover were all on the disc.
But there were no addresses or bank account details. HSBC said the customers' exposure to potential fraud was limited.
HM REVENUE AND CUSTOMS
About 15,000 Standard Life customers were said to be at risk of fraud after HMRC lost personal details.
The data was on a CD sent from the Revenue office in Newcastle to the company's headquarters in Edinburgh.
But the disc, containing names, national insurance numbers, dates of birth and pension data, never arrived at its intended destination.
HMRC and Standard Life sent warning letters to customers five weeks after the data breach occurred.