Details of customers or potential customers of Royal Bank of
Scotland, American Express and NatWest were on the computer, which
was taken from a Graphic Data site.
Information on the computer is said to include details of
people's names, addresses, phone numbers, signatures and mothers'
maiden names. Such extensive information could be used to
impersonate people and conduct identity theft and fraud.
"Graphic Data has confirmed to us that one of their machines
appears to have been inappropriately sold on via a third party,"
said a statement from Royal Bank of Scotland, which operates as RBS
and as NatWest.
"As a result, historical data relating to credit card
applications from some of our customers and data from other banks
were not removed. We take this issue extremely seriously and are
working to resolve this regrettable loss with Graphic Data as a
matter of urgency," it said.
The computer is reported as having been sold by an ex-employee
of Graphic Data, and a second machine is said to be missing. The
machine with the one million customer details on it had been
reported by its purchaser, Andrew Chapman.
