Barclays customer data 'stolen and sold', newspaper says

A Barclays sign Barclays said it would "contact and advise" all affected customers

Related Stories

Investigations have been launched after a report that thousands of confidential files with Barclays Bank customers details had been stolen and sold.

The Mail on Sunday said an anonymous whistleblower had handed it a memory stick with the personal data of 2,000 Barclays customers, saying information on a further 25,000 was also available.

The files are said to hold passport and national insurance numbers, as well as money and health information.

Barclays said it was investigating.

Start Quote

This appears to be criminal action and we will co-operate with the authorities on pursuing the perpetrator”

End Quote Barclays spokesman

The report said the data, which also contained the individuals' attitude to risk, had been sold to "rogue City traders" and was "worth millions on the black market because it allowed unsuspecting individuals to be targeted in investment scams".

Bank 'grateful'

The files date from 2008. The customers in question had originally contacted the bank seeking financial advice from Barclays Financial Planning.

That division was shut down in 2011.

The Information Commissioner's Office said it would be working with the newspaper and police who were seeking more details.

The maximum fine for losing personal data is £500,000.

Financial commentator, David Buick, said the report was alarming: "It's the breach of trust... you as an individual actually knowing that your personal details about your life has been passed on to potentially an unscrupulous individual who will try and behave like a maverick and capitalise on your life.

"If this is proven it is absolutely disgraceful."

Barclays said it had contacted regulators as soon as it had been made aware, adding that it was grateful to the Mail on Sunday for bringing this to its attention.

''We will take all necessary steps to contact and advise those customers as soon as possible so that they can also ensure the safety of their personal data," a Barclays spokesman said.

He said protecting customers' data was a "top priority", adding: "This appears to be criminal action and we will co-operate with the authorities on pursuing the perpetrator."


More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites



This entry is now closed for comments

Jump to comments pagination
  • rate this

    Comment number 461.

    Mark, do you really think banks have separate data storage facilities for every single customer? Do you think they have a server in a data centre with your name on it and a similar server for every other individual customer? Or do you think it might be possible that they have a smaller number of aggregated databases which list all customers and from which data extracts can be taken?

  • rate this

    Comment number 460.

    @441 Blythkeith

    I agree with you.

    How is it possible to transfer the data of 27,000 people unless it was already gathered for easy access.

    I would of expected my details to be contained in my account only.
    Did the culprit open 27,000 accounts to get this data?

    If so, why no alarm bells?
    If not then why are all our eggs in one basket?

  • rate this

    Comment number 459.

    I don't understand this differs from the government selling our data to insurance companies, without our knowledge/permission.

    Why is it criminal in this case but not when the civil service do it?

    The end result is still "personal details about your life.... passed on to potentially an unscrupulous individual who will try and behave like a maverick and capitalise on your life"

  • rate this

    Comment number 458.

    453 rememberdurruti.

    Wander down to your local high street and find a building society. Haven't seen Nationwide or the various local mutuals implicated in any of the things you list.

  • rate this

    Comment number 457.

    For a long time I have practised a simple 'honey trap' - every organisation I have dealings with has a slightly different version of my 'personal details' - that way I can at least tell who let them out when I find that my data is somewhere it should not be... and then take appropriate action.

  • rate this

    Comment number 456.

    449 Arthur Daley. I don't think I see myself as a bank apologist. I just feel uncomfortable about joining the scathing criticism of Barclays on this blog long before the true facts are available. I also don't like the idea that the true culprit in this (the data thief) is overlooked. To my mind, accepting a salary from a bank and then stealing its data for sale to the highest bidder is immoral.

  • rate this

    Comment number 455.

    I feel really confident about using my mobile phone to make payments. Safe and secure as per the Bankleys Bark ad. I'm sure that it wont be hacked via Angry Burds whatever they are. But I am worried that they may be attracted by nectar points

  • rate this

    Comment number 454.

    Having been told by Barclays on Friday that they are increasing some of their fees by 500% from April, I hope that if they have breached then their fine is increase by 500%. 500K is a drop in the ocean for them and thus no deterrent

  • rate this

    Comment number 453.

    If we could find a bank in the UK that doesn't rig interest rates, manipulate energy markets, offer bribes to certain countries, launder drug cartel money, lend money to drug cartels, rig exchange rates, reward failure etc... We would 'bank elsewhere'
    Until then we are stuck with what we have now. No wonder the UK attracts this bunch of fraudsters given the protection they get here.

  • rate this

    Comment number 452.

    HSBC laundered billions and billions over a period of years for terrorists in the ME and cartels in Mexico. Result? Authorities decide not to prosecute as criminal charges could collapse the bank so fined them instead a tiny amount made from their ill gotten cash.

    Liberty Reserve charged for money laundering and is shut down instantly. There is no consistency and bankers have immunity.

  • rate this

    Comment number 451.

    449. Arthur Daley - "Bank apologists
    How you can defend the steamin' pile & arrogant position atop of it adopted by some is beyond me. There appears to be dodgey deals @ every level..."

    This thread is about data theft.

    I think you have some stiff competition for 'chief torch carrier' in the baying mob! You're coming across way too reasonable, let it all out.

  • rate this

    Comment number 450.

    Ahh, good news. I feel a compensation claim from Barclays coming on.

  • rate this

    Comment number 449.

    Bank apologists

    How you can defend the steamin' pile & arrogant position atop of it adopted by some is beyond me. There appears to be dodgey deals @ every level, Diamond wasnt out for nothing. Theres LIBOR, FX, PPI data theft etc etc etc. If you have a bellyache about the way the public see you take it up with yr management or take a stomache relaxant

    If banks were clean nobody could comment

  • rate this

    Comment number 448.

    @441. Blythkeith

    Your argument is flawed. "Reasonable steps" by definition means that there may be more but less reasonable steps that can be taken. This in turn infers that there is still some risk which in this case has been proven to be correct

  • rate this

    Comment number 447.

    well what do any of us expect of banks; just ripping us off from ever angle & appear to be totally beyond controlling

  • rate this

    Comment number 446.

    442 sufficiency might be a test. So might be foreseeability, level of training and supervision provided, audit procedures, etc. The data protection commissioner does not expect every organisation to micro-manage every one of its employees.

  • rate this

    Comment number 445.

    "So a 'statement' shows what you have been 'charged'? How is this fraudulent? You do know what fraud means don't you? Fraud would be not giving you a statement, or T&Cs, or misrepresenting the charges."

    So YOUR bank statement and terms and conditions show that your bank can steal your data, sell it on and, shows how much your bank made from doing this? That's a 'service'?

  • rate this

    Comment number 444.

    434. Blythkeith - "432: 'You say it like its a bad thing?'

    IT IS, when it's at OUR expense."

    So stop bleating & bank somewhere else, nobody is holding a gun to your head. They tell you what you'll be charged & then they charge it, if you can't cope with this I feel sorry for you.

  • rate this

    Comment number 443.

    440. Fixing rates probably is a crime. Some bank employees have rightly been sacked for this and are being investigated by the police. Some could yet go to jail. I don't think even the most ardent bank supporters on this blog would complain if they did - they tarnish the whole industry.

    But most the bail outs paid to Northern Rock, RBS, Lloyds, etc were the result of of bad judgement not crimes.

  • rate this

    Comment number 442.

    439: "The clue is in the word "reasonable".

    Which in practice means "SUFFICIENT".

    And it clearly wasn't, was it?


Page 1 of 24


More Business stories



BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.