[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Wednesday, 11 July 2007, 07:42 GMT 08:42 UK
How personal data was put at risk
The Information Commissioner has urged businesses to take more care with customers' information after a series of breaches. Here are some cases which his officials have investigated.


Several banks were criticised for dumping customers' personal information in bins outside their premises.

The institutions were HBOS, Alliance & Leicester, Royal Bank of Scotland, Scarborough Building Society, Clydesdale Bank, NatWest, United National Bank, Barclays Bank, Co-operative Bank, HFC Bank and Nationwide building society.

The probe followed evidence from the BBC's Watchdog programme which found information including details of a bank transfer for 500,000 outside a Nottingham branch of the Royal Bank of Scotland.

They promised to comply with the Data Protection Act following the investigation and can be prosecuted if they fail.


Hackers stole information from millions of customers' payment cards after targeting TK Maxx's data centre in Watford.

A TK Maxx
Stores in the US, UK, Canada, Ireland and Puerto Rico are affected

The information was stolen over 16 months from July 2005 and covered credit and debit card transactions as far back as December 2002.

The cause of the theft, its full extent and effect on customers are not known, but for most people the stolen card details would no longer have been relevant.

TK Maxx said it had been working to strengthen the security of its computer systems since the crime's discovery.

The Information Commissioner's office is now considering its next step in the investigation after receiving information from the company.


The website used by junior doctors to apply for jobs in the NHS is being investigated after personal information was found to be visible online.

Phone numbers, addresses, previous convictions and sexual orientation were among details available to the public for at least eight hours on the NHS Medical Training Application Service.

The Department of Health apologised but said the information was only available briefly, and only to people making employment checks.

It is also investigating further claims that doctors could access each other's files by changing two digits in the personalised web address given to each individual.

The department is carrying out its own internal investigation and will report back to the Commissioner.


Mobile phone company Orange was criticised for not keeping its customers' personal information secure.

A mobile phone
Orange said its customers' security was 'paramount'

It was investigated after the ICO received a complaint about the way Orange processed personal information.

New staff shared user names and passwords when accessing the company IT system, which meant that information could be accessed by unauthorised members of staff.

Orange was ordered to sign an undertaking to comply with the rules of the Data Protection Act.

An Orange spokesman said the security of customer information was "paramount" to the company.


A customer of home shopping firm Littlewoods complained after trying to stop the company using her information to send her sales material.

Despite her requests they continued to send her the material.

The ICO investigated and ruled that Littlewoods had failed to process customers' data in line with the Data Protection Act.

Littlewoods was told to sign an undertaking to comply in future.

A spokeswoman for Littlewoods said the incident was a one-off clerical error and did not represent a general failure to uphold data protection.

Watchdog issues ID theft warning
29 Jan 07 |  Business
Banks 'careless' with information
13 Mar 07 |  Business
Firms broke data protection rules
21 Jun 07 |  Business

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific