It’s not been a great week for Zurich Insurance. It has been told it must pay a £2.3m fine by the Financial Services Authority.
It’s crime, losing the personal data of thousands of people.
It’s an incredible story really. Zurich Insurance lost 46,000 customer records, including some bank details when a tape back-up went missing between two sites in South Africa.
But that’s not that half of it. The firm’s security was so effective it took a year for Zurich UK to learn that the data loss had even occurred.Talk about shutting the door after the horse has bolted.
The really shocking truth of the case is that it highlighted that Zurich had no effective data protection systems in place or systems to manage the risks to “the security of customer data resulting from the outsourcing arrangement”.
Here at Think4 the only real surprise from this week’s news is that there aren’t more cases like this. Security at far too many firms is lax. What this fine might do is help wake people up — when they are handling the sensitive data of thousands of people they need to handle it with care.
Sadly we reckon many more organisations are going to find out the hard way that data is an expensive commodity and needs to treated that way.