The Prudential fined £50,000 by Information Commissioner

ICO issues unique fine, throws spotlight on master data management

The Prudential has been fined £50,000 by the Information Commissioner's Office (ICO) after a "mix-up" over the administration of two customers' accounts led to tens of thousands of pounds, meant for an individual's retirement fund, ending up in the wrong account.

This is the first ICO monetary penalty served by the ICO that doesn't relate to a significant data loss, and it highlights the importance of basic master data management in enterprises..

The original error was caused when the records of both customers, who share the same first name, surname and date of birth, were mistakenly merged in March 2007.

The accounts remained confused for more than three years, with the problem only resolved in September 2010. This was despite the company being alerted to the mistake on several occasions, including a letter from one of the customers in late April 2010 which clearly indicated his address had not changed for over 15 years.

The company failed to investigate thoroughly at this point and the penalty imposed today relates to the inaccuracy then present which continued for a further six months.

Stephen Eckersley, ICO head of enforcement, said, "In this case two customer files were consistently confused and the company failed to remedy the situation despite being alerted to the problem on more than one occasion before it was finally resolved.

"This case would be considered farcical were it not for the serious sums of money involved."

The ICO said last year the public made more complaints about the way money lenders were handling their information than for any other sector. Around 15 percent of the almost 13,000 data protection complaints received by the ICO during the last financial year were due to concerns related to money lenders, with inaccurate data the third most complained about issue across all sectors.

Prudential says it has now improved the training it provides to its staff and has updated its processes to ensure that the accuracy of customers' records is maintained at all times.

Earlier this month the ICO said the private sector is "leading the way" on data protection compliance as the public sector continues to struggle.

Join the CSO newsletter!

Error: Please check your email address.

Tags icosecurityPrudentialInformation Commissioner's OfficeIT Business

More about ICOPrudential

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antony Savvas

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place